Linux kernel version 5.4 BleedingTooth bluetooth zero-click proof of concept remote code execution exploit.
5108c67d6fbb60138d1ac3f7b89fb015439b9afd13c3fb0e06991d6195d956acElena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information (kernel memory). Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.
682e52dd49535c7ff7a41efaf9cdf2164f511e0432317c6e2e9cafb8c2198527Ubuntu Security Notice 4657-1 - Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.
dbfacde5bfc0db84799a2a413ab853f7c93216a094a4a437b9daba32978b1e77Red Hat Security Advisory 2020-4991-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
36e5f3eaac42575f4136edc475d74185d6e90f76555788b825efb4cd93ae1876Red Hat Security Advisory 2020-4990-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
10f5ba14b7f29241a2f54b3c0a3434500b3a6a43323b220f35100524f619309fDebian Linux Security Advisory 4774-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.
4a7683621e889be8263c0eed0407c142799b83815cf38d1f521331435715266aAndy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow.
512630109fdf9fe767bed1b49eba7332dc002fa3cdd83221748674a578aae27aRed Hat Security Advisory 2020-4276-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
30e414e203f959072ef3c252bfa4108ae6fc999c4fb3b252e31ab879b7d1f16fUbuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.
d7515239e07d687808da7fbe91f834dad13e673659a86c1dad1b6e475e380895Red Hat Security Advisory 2020-4286-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
8f7a24548cfe79a3658e4f63f2abba8cf6d601dde1625f973112d0508a84f92dRed Hat Security Advisory 2020-4289-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.
697afd2cc16ce67184c185acf1888e6cb30327a9ea1e639d63b640c467e815d5Ubuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.
9e92faf34368121f7c8cf203fd068a5a684f38477adf3dac22437502d9d19dadRed Hat Security Advisory 2020-4287-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and information leakage vulnerabilities.
01bef5346f503d03b012cd69911e6673dd749f654d1dd791e5eb09b23c87a2b3Red Hat Security Advisory 2020-4288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
f4bb7d26cf3242d424edb1179c6250309ca5b40dc657bea76ecda54a2b68451cRed Hat Security Advisory 2020-4277-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
679f30f382dd5057de71f7a79527bd81431e44abcec06ba31f0b68517af03a97Red Hat Security Advisory 2020-4279-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include an information leakage vulnerability.
3699f63fe43f86e6c44ae89e57ff19c771763fa6ea9bef8f89f0a03e12ce9ae8Red Hat Security Advisory 2020-4281-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
a272c8fee45ed9daa78742eadfcba9a081df48e160cbc735ed39ba846a87bf60Red Hat Security Advisory 2020-4278-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.
2b5486825c634257b3145d28131fe6f6d29224979f036cf63aacde0a43250a13Red Hat Security Advisory 2020-4280-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.
1696f9a79d40d044bddece31602b3be261f79462997acb088faeeb78ee68c930
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed