CVE-2016-9804
Description
In BlueZ 5.42, a buffer overflow was observed in commands_dump function in tools/parser/csr.c source file. The issue exists because commands array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame frm->ptr parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.36
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-cups-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-cups-debuginfo-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-debuginfo-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-debugsource-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) libbluetooth3-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) libbluetooth3-debuginfo-5.13-5.4.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234