CVE-2021-3658
Description
bluetoothd from bluez incorrectly saves adapters Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to physically nearby attackers.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.073
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Bluetooth tools and daemons (USN-5155-1) bluez_5.48-0ubuntu3.6_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) bluez_5.48-0ubuntu3.6_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) bluez_5.53-0ubuntu3.4_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) bluez_5.53-0ubuntu3.4_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) bluez_5.56-0ubuntu4.3_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) bluez_5.56-0ubuntu4.3_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) bluez_5.60-0ubuntu2.1_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) bluez_5.60-0ubuntu2.1_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.48-0ubuntu3.6_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.48-0ubuntu3.6_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.53-0ubuntu3.4_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.53-0ubuntu3.4_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.56-0ubuntu4.3_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.56-0ubuntu4.3_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.60-0ubuntu2.1_i386.deb | Linux |
| Bluetooth tools and daemons (USN-5155-1) libbluetooth3_5.60-0ubuntu2.1_amd64.deb | Linux |
| SUSE-SU-2022:3981-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) bluez-5.55-150300.3.14.1.x86_64.rpm | Linux |
| SUSE-SU-2022:3981-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) libbluetooth3-5.55-150300.3.14.1.x86_64.rpm | Linux |
| SUSE-SU-2022:3981-1(SUSE Linux Enterprise Module for Basesystem 15-SP3 ) bluez-deprecated-5.55-150300.3.14.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234