#VU68830 Out-of-bounds read in BlueZ - CVE-2019-8921
Published: October 30, 2022
Vulnerability identifier: #VU68830
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-8921
CWE-ID: CWE-125
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
BlueZ
BlueZ
Software vendor:
BlueZ Project
BlueZ Project
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to missing verification checks when handling consecutive SVC_ATTR_REQ requests within the service_attr_req() function in sdpd-request.c in bluetoothd . A remote attacker on the local network can send specially crafted CSTATE data to the system and trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrary heap data.
Remediation
Install updates from vendor's website.