CVE-2024-50044 - Linux Kernel Bluetooth RFCOMM Possible Deadlock Vulnerability Explained
In June 2024, the Linux kernel team fixed a concerning deadlock vulnerability in the Bluetooth RFCOMM protocol implementation. This bug, now tracked as CVE-2024-50044, could
CVE-2024-44191 - Apple Bluetooth State Management Flaw – Exploit Details & Fixes
In 2024, Apple disclosed CVE-2024-44191, a security issue that affected how apps interacted with Bluetooth across several Apple operating systems, including iOS, iPadOS, watchOS, visionOS,
CVE-2024-34727 - Heap Buffer Overflow Vulnerability in `sdp_utils.cc` Enables Remote Information Disclosure (Analysis and Exploit)
A new security flaw, CVE-2024-34727, has been discovered in the sdpu_compare_uuid_with_attr function within the widely used Bluetooth stack implementation. This issue
CVE-2024-31320 - How a Silent Companion Device Association Bug Can Escalate Privileges on Android
In early 2024, a new Android security vulnerability was discovered and tracked as CVE-2024-31320. It resides in the setSkipPrompt method of AssociationRequest.java. This flaw
CVE-2024-36013 - Use-After-Free in Linux Kernel Bluetooth L2CAP (`l2cap_connect`) (Exploit, Technical Details, and Fix)
In June 2024, a critical vulnerability (CVE-2024-36013) was disclosed and patched in the Linux kernel’s Bluetooth stack (specifically, the L2CAP layer). This exclusive writeup
Episode
00:00:00
00:00:00