CVE-2020-12352
published 2020-11-23CVE-2020-12352: Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
PriorityP339medium6.5CVSS 3.1
AVAACLPRNUINSUCHINAN
EXPLOIT
EPSS
5.71%
92.1th percentile
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.9.1-1 (bookworm) | linux 5.9.1-1 (bookworm) |
| debian | linux | — | — |
| linux | linux_kernel | >= 0 < 5.9.1-1 | 5.9.1-1 |
| linux | linux_kernel | >= 0 < 5.9.1-1 | 5.9.1-1 |
| linux | linux_kernel | >= 0 < 5.9.1-1 | 5.9.1-1 |
| linux | linux_kernel | >= 0 < 5.9.1-1 | 5.9.1-1 |
| linux | linux_kernel | >= 0 < 4.4.0-197.229 | 4.4.0-197.229 |
| linux | linux_kernel | >= 0 < 4.15.0-122.124 | 4.15.0-122.124 |
| linux | linux_kernel | >= 0 < 5.4.0-52.57 | 5.4.0-52.57 |
| linux | linux_kernel | >= 0 < 5.15.0-130.140 | 5.15.0-130.140 |
| linux | linux_kernel | >= 0 < 4.4.0-262.296 | 4.4.0-262.296 |
| linux | linux_kernel | >= 0 < 4.15.0-122.124 | 4.15.0-122.124 |
| linux | linux_kernel | >= 0 < 4.15.0-132.136 | 4.15.0-132.136 |
| linux | linux_kernel | >= 0 < 5.4.0-52.57 | 5.4.0-52.57 |
| linux | linux_kernel | >= 0 < 5.4.0-62.70 | 5.4.0-62.70 |
| linux | linux_kernel | >= 5.4 < 5.4.72 | 5.4.72 |
| linux | linux_kernel | >= 5.8.0 < 5.8.16 | 5.8.16 |
| linux | linux_kernel | 5.9.0 – 5.9.13 | — |
| red_hat | kernel | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.03.3LOWAV:A/AC:L/Au:N/C:P/I:N/A:N
osv8.8HIGH
vendor_ubuntu8.8HIGH
vendor_debian6.5LOW
vendor_redhat6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities
vendor_ubuntu·2025-01-27·CVSS 8.8
CVE-2024-43904 [HIGH] Linux kernel (Xilinx ZynqMP) vulnerabilities
Title: Linux kernel (Xilinx ZynqMP) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leadi
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-01-09·CVSS 8.8
CVE-2024-50006 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-bas
Ubuntu
Linux kernel (Azure) vulnerabilities
vendor_ubuntu·2025-01-09·CVSS 8.8
CVE-2024-50006 [HIGH] Linux kernel (Azure) vulnerabilities
Title: Linux kernel (Azure) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a
Ubuntu
Linux kernel (GKE) vulnerabilities
vendor_ubuntu·2025-01-07·CVSS 8.8
CVE-2024-43904 [HIGH] Linux kernel (GKE) vulnerabilities
Title: Linux kernel (GKE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a he
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities
vendor_ubuntu·2025-01-06·CVSS 8.8
CVE-2024-49927 [HIGH] Linux kernel (Intel IoTG) vulnerabilities
Title: Linux kernel (Intel IoTG) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-01-06·CVSS 8.8
CVE-2024-43904 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-bas
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2025-01-06·CVSS 8.8
CVE-2024-53057 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-bas
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2024-12-20·CVSS 8.8
CVE-2020-24490 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-bas
Ubuntu
Kernel Live Patch Security Notice
vendor_ubuntu·2021-01-26·CVSS 5.5
CVE-2020-28374 [MEDIUM] Kernel Live Patch Security Notice
Title: Kernel Live Patch Security Notice
Summary: Several security issues were fixed in the kernel.
Elena Petrova discovered that the pin controller device tree implementation
in the Linux kernel did not properly handle string references. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-0427)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
It was discovered that the GENEVE tunnel implementation in the Linux kernel
when combined with IPSec did not properly select IP routes in some
situations. An attacker could use this to expose sensitive i
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2020-12-02·CVSS 5.5
CVE-2020-14351 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Elena Petrova discovered that the pin controller device tree implementation
in the Linux kernel did not properly handle string references. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-0427)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered
that legacy pairing and secure-connections pairing authentication in the
Bluetooth protocol could allow an unauthenticated user to complete
authentication without pairing credentials via adjacent access. A
physically proximate attacker could use this to impersonate a previously
paired Bluetooth device. (CVE-2020-10135)
Andy Nguyen discovered that the Bluetooth A2MP implementation in
Red Hat
kernel: Red Hat only CVE-2020-12352 regression
vendor_redhat·2020-11-03·CVSS 6.5
CVE-2020-25662 [MEDIUM] CWE-665 kernel: Red Hat only CVE-2020-12352 regression
kernel: Red Hat only CVE-2020-12352 regression
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted
Ubuntu
Kernel Live Patch Security Notice
vendor_ubuntu·2020-10-23·CVSS 8.8
CVE-2020-24490 [HIGH] Kernel Live Patch Security Notice
Title: Kernel Live Patch Security Notice
Summary: Several security issues were fixed in the kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-base
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2020-10-20·CVSS 8.8
CVE-2020-12351 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-bas
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2020-10-19·CVSS 8.8
CVE-2020-12352 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel u
Red Hat
kernel: net: bluetooth: information leak when processing certain AMP packets
vendor_redhat·2020-10-14·CVSS 6.5
CVE-2020-12352 [MEDIUM] CWE-284 kernel: net: bluetooth: information leak when processing certain AMP packets
kernel: net: bluetooth: information leak when processing certain AMP packets
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP (Alternate MAC-PHY Manager Protocol) packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
Mitigation: To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kern
Debian
CVE-2020-12352: linux - Improper access control in BlueZ may allow an unauthenticated user to potentiall...
vendor_debian·2020·CVSS 6.5
CVE-2020-12352 [MEDIUM] CVE-2020-12352: linux - Improper access control in BlueZ may allow an unauthenticated user to potentiall...
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
Scope: local
bookworm: resolved (fixed in 5.9.1-1)
bullseye: resolved (fixed in 5.9.1-1)
forky: resolved (fixed in 5.9.1-1)
sid: resolved (fixed in 5.9.1-1)
trixie: resolved (fixed in 5.9.1-1)
Debian
CVE-2020-25662: linux - A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux ke...
vendor_debian·2020·CVSS 6.5
CVE-2020-25662 [MEDIUM] CVE-2020-25662: linux - A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux ke...
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
OSV
linux-xilinx-zynqmp vulnerabilities
osv·2025-01-27·CVSS 8.8
CVE-2020-12351 [HIGH] linux-xilinx-zynqmp vulnerabilities
linux-xilinx-zynqmp vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could u
OSV
linux-azure, linux-intel-iotg-5.15 vulnerabilities
osv·2025-01-09·CVSS 8.8
CVE-2020-12351 [HIGH] linux-azure, linux-intel-iotg-5.15 vulnerabilities
linux-azure, linux-intel-iotg-5.15 vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
a
OSV
linux-azure-5.15 vulnerabilities
osv·2025-01-09·CVSS 8.8
CVE-2020-12351 [HIGH] linux-azure-5.15 vulnerabilities
linux-azure-5.15 vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could use
OSV
linux-gke vulnerabilities
osv·2025-01-07·CVSS 8.8
CVE-2020-12351 [HIGH] linux-gke vulnerabilities
linux-gke vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could use this to
OSV
linux-intel-iotg vulnerabilities
osv·2025-01-06·CVSS 8.8
CVE-2020-12351 [HIGH] linux-intel-iotg vulnerabilities
linux-intel-iotg vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could use
OSV
linux, linux-lts-xenial vulnerabilities
osv·2025-01-06·CVSS 8.8
CVE-2020-12351 [HIGH] linux, linux-lts-xenial vulnerabilities
linux, linux-lts-xenial vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker cou
OSV
linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
osv·2025-01-06·CVSS 8.8
CVE-2020-12351 [HIGH] linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain size
OSV
linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
osv·2024-12-20·CVSS 8.8
CVE-2020-12351 [HIGH] linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle-5.15 vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of c
GHSA
GHSA-6v9p-cxvf-8f7v: A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of st
ghsa_unreviewed·2022-05-24·CVSS 6.5
CVE-2020-25662 [MEDIUM] CWE-200 GHSA-6v9p-cxvf-8f7v: A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of st
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
OSV
Kernel Live Patch Security Notice
osv·2021-01-26·CVSS 5.5
CVE-2020-0427 [MEDIUM] Kernel Live Patch Security Notice
Kernel Live Patch Security Notice
Elena Petrova discovered that the pin controller device tree implementation
in the Linux kernel did not properly handle string references. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-0427)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
It was discovered that the GENEVE tunnel implementation in the Linux kernel
when combined with IPSec did not properly select IP routes in some
situations. An attacker could use this to expose sensitive information
(unencrypted network traffic). (CVE-2020-25645)
It was
OSV
linux, linux-aws, linux-azure, linux-kvm, linux-lts-trusty, linux-raspi2, linux-snapdragon vulnerabilities
osv·2020-12-02·CVSS 5.5
CVE-2020-0427 [MEDIUM] linux, linux-aws, linux-azure, linux-kvm, linux-lts-trusty, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-azure, linux-kvm, linux-lts-trusty, linux-raspi2, linux-snapdragon vulnerabilities
Elena Petrova discovered that the pin controller device tree implementation
in the Linux kernel did not properly handle string references. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-0427)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered
that legacy pairing and secure-connections pairing authentication in the
Bluetooth protocol could allow an unauthenticated user to complete
authentication without pairing credentials via adjacent access. A
physically proximate attacker could use this to impersonate a previously
paired Bluetooth device. (CVE-2020-10135)
Andy Nguyen discovered that the Bluetooth A2MP implementatio
OSV
CVE-2020-12352: Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access
osv·2020-11-23·CVSS 6.5
CVE-2020-12352 [MEDIUM] CVE-2020-12352: Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
OSV
CVE-2020-25662: A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of st
osv·2020-11-05·CVSS 6.5
CVE-2020-25662 [MEDIUM] CVE-2020-25662: A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of st
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
OSV
Kernel Live Patch Security Notice
osv·2020-10-23·CVSS 8.8
CVE-2020-12351 [HIGH] Kernel Live Patch Security Notice
Kernel Live Patch Security Notice
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could use
OSV
linux-oem-osp1, linux-raspi2-5.3 vulnerabilities
osv·2020-10-20·CVSS 8.8
CVE-2020-12351 [HIGH] linux-oem-osp1, linux-raspi2-5.3 vulnerabilities
linux-oem-osp1, linux-raspi2-5.3 vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
att
OSV
linux, linux-hwe, linux-hwe-5.4, linux-oem, linux-raspi, linux-raspi-5.4, linux-snapdragon vulnerabilities
osv·2020-10-19·CVSS 8.8
CVE-2020-12351 [HIGH] linux, linux-hwe, linux-hwe-5.4, linux-oem, linux-raspi, linux-raspi-5.4, linux-snapdragon vulnerabilities
linux, linux-hwe, linux-hwe-5.4, linux-oem, linux-raspi, linux-raspi-5.4, linux-snapdragon vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
No detection rules found.
Bugzilla
CVE-2020-25662 kernel: Red Hat only CVE-2020-12352 regression
bugzilla·2020-10-26·CVSS 6.5
CVE-2020-25662 [MEDIUM] CVE-2020-25662 kernel: Red Hat only CVE-2020-12352 regression
CVE-2020-25662 kernel: Red Hat only CVE-2020-12352 regression
This is a CVE-2020-12352 regression that only affects Red Hat Enterprise Linux 8.3 GA kernel version kernel-4.18.0-240.el8 (and any kernel derived from this release such as kernel rt-4.18.0-240.rt7.54.el8).
CVE-2020-12352 description follows:
An information leak flaw was found in the way the Linux kernel's Bluetooth stack implementation handled initialization of stack memory when handling certain AMP packets. A remote attacker in adjacent range could use this flaw to leak small portions of stack memory on the system by sending a specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.
Discussion:
Statement:
This issue only affects the Linux kernel version as shipped with the Red
Bugzilla
CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets [fedora-all]
bugzilla·2020-10-14·CVSS 6.5
CVE-2020-12352 [MEDIUM] CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets [fedora-all]
CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects
Bugzilla
CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets
bugzilla·2020-10-08·CVSS 6.5
CVE-2020-12352 [MEDIUM] CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets
CVE-2020-12352 kernel: net: bluetooth: information leak when processing certain AMP packets
An information leak flaw was found in the way Linux kernel Bluetooth stack implementation handled initialization of stack memory when handling certain AMP packets. A remote attacker in adjacent range could use this flaw to leak small portions of stack memory on the system by sending a specially crafted AMP packets.
Discussion:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1888440]
---
Acknowledgments:
Name: Andy Nguyen (Google), Intel
---
FEDORA-2020-e288acda9a has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.
---
FEDORA-2020-ce117eff51 has been pushed to the Fedora 33 stable repository.
If pro
http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.htmlhttp://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.htmlhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.htmlhttp://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.htmlhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351
2020-11-23
Published