Bluez Project: >> Bluez Security Vulnerabilities
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVSS Score
7.5
EPSS Score
0.005
Published
2016-12-08
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack.
CVSS Score
5.4
EPSS Score
0.094
Published
2006-12-31
security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper.
CVSS Score
7.5
EPSS Score
0.011
Published
2005-08-12