CVE-2022-0204

Sažetak

A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=2039807
https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q
https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0
https://security.gentoo.org/glsa/202209-16
https://lists.debian.org/debian-lts-announce/2022/10/msg00026.html

CVSS

Base:	5.8
Impact:	6.4
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:A/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

26-06-2023 - 18:57

Objavljeno

10-03-2022 - 17:44