CVE-2022-39177: USN-5481-1: BlueZ vulnerabilities | Ubuntu security notices | Ubuntu

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.

Packages

  • bluez - Bluetooth tools and daemons

Details

It was discovered that BlueZ incorrectly validated certain capabilities
and lengths when handling the A2DP profile. A remote attacker could use
this issue to cause BlueZ to crash, resulting in a denial of service, or
possibly execute arbitrary code.
