Vulnerability Details CVE-2016-9802
In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html
- http://www.securityfocus.com/bid/94652
- https://www.spinics.net/lists/linux-bluetooth/msg68898.html
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html
- http://www.securityfocus.com/bid/94652
- https://www.spinics.net/lists/linux-bluetooth/msg68898.html