Out-of-bounds read in BlueZ

#VU84666 Out-of-bounds read in BlueZ

Published: 2023-12-22

Vulnerability identifier: #VU84666

Vulnerability risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-51580

CWE-ID: CWE-125

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
BlueZ
Universal components / Libraries / Libraries used by multiple products

Vendor: BlueZ Project

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling AVRCP protocol within the avrcp_parse_attribute_list() function. A remote attacker can trick the victim into connecting to a malicious device, trigger an out-of-bounds read and gain access to sensitive information.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

BlueZ: 4.0 - 5.70

External links
http://www.zerodayinitiative.com/advisories/ZDI-23-1903/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in BlueZ