CVE-2020-27153 — Double Free in Bluez

CWE-415 — Double Free CWE-416 — Use After Free12 documents9 sources

Severity

8.6HIGHNVD

OSV4.2

EPSS

1.9%

top 16.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Bluez Debian Linux Opensuse Leap

Timeline

PublishedOct 15

Latest updateApr 16

Description

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:HExploitability: 3.9 | Impact: 4.7

Affected Packages4 packages

▶NVDbluez/bluez< 5.55

▶Debianbluez/bluez< 5.55-1+3

▶Ubuntubluez/bluez< 5.48-0ubuntu3.5+1

▶NVDopensuse/leap15.1, 15.2+1

Also affects: Debian Linux 10.0, 9.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

VulDB

BlueZ up to 5.54 MGMT Event shared/att.c disconnect_cb double free↗2026-04-16

▶

GHSA

GHSA-hrr3-cwf8-mjp6: In BlueZ before 5↗2022-05-24

▶

OSV

bluez vulnerabilities↗2021-06-16

▶

OSV

bluez vulnerabilities↗2021-06-16

▶

OSV

CVE-2020-27153: In BlueZ before 5↗2020-10-15

▶

📋Vendor Advisories

Ubuntu

BlueZ vulnerabilities↗2021-06-16

▶

Ubuntu

BlueZ vulnerabilities↗2021-06-16

▶

Red Hat

bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS or RCE↗2020-09-06

▶

Debian

CVE-2020-27153: bluez - In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() ro...↗2020

▶

💬Community

Bugzilla

CVE-2020-27153 bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS or RCE↗2020-10-02

▶