exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2020-24490

Status Candidate

Overview

Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.

Related Files

Ubuntu Security Notice USN-4752-1
Posted Feb 25, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4752-1 - Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-10135, CVE-2020-14314, CVE-2020-15436, CVE-2020-15437, CVE-2020-24490, CVE-2020-25212, CVE-2020-25284, CVE-2020-25641, CVE-2020-25643, CVE-2020-25704, CVE-2020-27152, CVE-2020-27815, CVE-2020-28588, CVE-2020-28915, CVE-2020-29368, CVE-2020-29369, CVE-2020-29371, CVE-2020-29660, CVE-2020-29661, CVE-2020-35508
SHA-256 | 9d423aca91d7f1b70463a45e888e4c441f17d4136f7beccf8bf581dc633b7a2e
Red Hat Security Advisory 2020-4685-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4685-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2020-24490, CVE-2020-25661, CVE-2020-25662
SHA-256 | 85cc25aa4852a0036089bf1788b4311f0ec7fff4e1e67b70ceebf4a899fcb65b
Red Hat Security Advisory 2020-4686-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4686-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2020-24490, CVE-2020-25661, CVE-2020-25662
SHA-256 | ab59a235960cacde471964157506abc21c16eab5a88d5be7201da39ce8bca2d0
Kernel Live Patch Security Notice LSN-0073-1
Posted Oct 26, 2020
Authored by Benjamin M. Romer

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow.

tags | advisory, overflow, kernel
systems | linux
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-24490
SHA-256 | 512630109fdf9fe767bed1b49eba7332dc002fa3cdd83221748674a578aae27a
Ubuntu Security Notice USN-4592-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-24490
SHA-256 | d7515239e07d687808da7fbe91f834dad13e673659a86c1dad1b6e475e380895
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close