CVE-2020-0556

Related Files

Red Hat Security Advisory 2020-4481-01

Posted Nov 4, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4481-01 - The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts, and pcmcia configuration files. Issues addressed include denial of service and privilege escalation vulnerabilities.

tags | advisory, denial of service, vulnerability

systems | linux, redhat

advisories | CVE-2020-0556

SHA-256 | a65dd46c1700511b5c3532ead70c3a2b9f80182d4a70a7b4835977e7a21232d6

Download | Favorite | View

Red Hat Security Advisory 2020-4001-01

Posted Sep 30, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4001-01 - The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts, and pcmcia configuration files. Issues addressed include denial of service and privilege escalation vulnerabilities.

tags | advisory, denial of service, vulnerability

systems | linux, redhat

advisories | CVE-2020-0556

SHA-256 | 2e9db63e99e21387471fcbb8757e4d65787474e5c95b020ef6cd83fd40f1cba7

Download | Favorite | View

Ubuntu Security Notice USN-4311-1

Posted Mar 30, 2020

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4311-1 - It was discovered that BlueZ incorrectly handled bonding HID and HOGP devices. A local attacker could possibly use this issue to impersonate non-bonded devices. It was discovered that BlueZ incorrectly handled certain commands. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local

systems | linux, ubuntu

advisories | CVE-2016-7837, CVE-2020-0556

SHA-256 | 2401291c8cfe00861ad69e1d24575c9b4a44b76e244600145ac823763df30bc5

Download | Favorite | View

Debian Security Advisory 4647-1

Posted Mar 28, 2020

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4647-1 - It was reported that the BlueZ's HID and HOGP profile implementations don't specifically require bonding between the device and the host. Malicious devices can take advantage of this flaw to connect to a target host and impersonate an existing HID device without security or to cause an SDP or GATT service discovery to take place which would allow HID reports to be injected to the input subsystem from a non-bonded source.

tags | advisory

systems | linux, debian

advisories | CVE-2020-0556

SHA-256 | 162dbfbf7a51afb140e41ea95ef8bda9cb2caf97846e78d132ef4a2915d79a3c

Download | Favorite | View

Gentoo Linux Security Advisory 202003-49

Posted Mar 26, 2020

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-49 - A vulnerability in BlueZ might allow remote attackers to bypass security restrictions. Versions less than 5.54 are affected.

tags | advisory, remote

systems | linux, gentoo

advisories | CVE-2020-0556

SHA-256 | 8c9b059f5d1471771573a0bd716d390cd3a92702773251661a660b868995edcf

Download | Favorite | View