Topic

Bluetooth

A collection of 7 issues

CVE-2022-39176 Audio information can be found in the profile before 5.59 if the params_len check is not done.

CVE-2017-9079 BlueZ before 5.60 allows physically proximate attackers to obtain sensitive information via a crafted call because the dial command does not verify that a particular string is present in the caller ID. CVE-2017-9417 In BlueZ before 5.60, there is a NULL pointer dereference in function hci_msm_

CVE-2022-36614 Totolink A860R v4.1.2cu.5182_B20201027 had a hardcoded password for root at /etc/shadow.sample.

A hardcoded password, such as this one, is a very bad sign. It means that the device was probably developed by a third party. The device might have been reviewed and deemed okay, but it is very likely that the code does not work as it should. Due to the

CVE-2022-21742 The Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function.

An authenticated user on the same network can exploit this vulnerability to execute arbitrary code on the system with root privileges. CVE-2019-0516: An issue was discovered with the driver API endpoint. There is a stack-based buffer overflow in the DirectSound API endpoint. An unauthenticated LAN attacker can exploit this to

CVE-2022-22593 An issue with memory handling was fixed in iOS 15.3, iPadOS 15.3, watchOS 8.4, tvOS 15.3, Security Update 2022-001 Catalina, and macOS Monterey 12.2.

An issue in Bluetooth was addressed with improved support for device encryption. This issue did not affect most users, as only a very small number of users have Bluetooth enabled on their Mac. A race condition issue was fixed with updated time stamp handling. This issue did not affect most

CVE-2022-22587 The memory corruption issue was fixed with improved input validation. A malicious application may be able to execute arbitrary code with kernel privileges.

If you are using a device that is running an older version of iOS or macOS, you should update as soon as possible. Reduced reliability of Wi-Fi reception on iPhone 6 and later models was addressed with improved antenna tuning. This issue affected some devices that were in range of

CVE-2022-0204 A heap overflow vulnerability was found in bluez in versions prior to 5.63

An attacker could take advantage of this vulnerability to cause an application to crash or gain access to sensitive information. Furthermore, this vulnerability could be exploited remotely to cause a denial of service against the targeted application. BlueZ is a Linux kernel component that enables Bluetooth devices. It allows a

CVE-2022-0185 A buffer over-flow was found in the way the legacy_parse_param function in the Filesystem Context of the Linux kernel verified the supplied parameters.

A heap-based buffer overflow in the way the Network Socket creation was handled by the Linux kernel was fixed in version 4.14. There was a bug in the code that does not properly handle socket creation attempts for non-AF_INET6 sockets. An unprivileged local user could use this flaw