Vulnerability CVE-2022-0204


Published: 2022-03-10

Description:
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

Type:

CWE-787

CVSS2 => (AV:A/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
6.4/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Bluez -> Bluez 

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=2039807
https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q

Copyright 2024, cxsecurity.com

 

Back to Top