Platform Packages Modules Bluetooth vulnerabilities

119 known vulnerabilities affecting platform/packages_modules_bluetooth.

Total CVEs
119
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
UNKNOWN119

Vulnerabilities

Page 2 of 6
CVE-2025-0084UNKNOWN≥ 15-next:0, < 15-next:2025-03-01≥ 15:0, < 15:2025-03-01+2 more2025-03-01
CVE-2025-0084 CVE-2025-0084: In multiple locations, there is a possible out of bounds write due to a use after free In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2025-22409UNKNOWN≥ 15-next:0, < 15-next:2025-03-01≥ 15:0, < 15:2025-03-012025-03-01
CVE-2025-22409 CVE-2025-22409: In rfc_send_buf_uih of rfc_ts_frames In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2025-0074UNKNOWN≥ 15-next:0, < 15-next:2025-03-01≥ 15:0, < 15:2025-03-012025-03-01
CVE-2025-0074 CVE-2025-0074: In process_service_attr_rsp of sdp_discovery In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2025-0075UNKNOWN≥ 15-next:0, < 15-next:2025-03-01≥ 15:0, < 15:2025-03-012025-03-01
CVE-2025-0075 CVE-2025-0075: In process_service_search_attr_req of sdp_server In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2025-0093UNKNOWN≥ 15-next:0, < 15-next:2025-03-01≥ 15:0, < 15:2025-03-01+2 more2025-03-01
CVE-2025-0093 CVE-2025-0093: In handleBondStateChanged of AdapterService In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
osv
CVE-2025-22408UNKNOWN≥ 15-next:0, < 15-next:2025-03-01≥ 15:0, < 15:2025-03-012025-03-01
CVE-2025-22408 CVE-2025-22408: In rfc_check_send_cmd of rfc_utils In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2025-22407UNKNOWN≥ 15-next:0, < 15-next:2025-03-01≥ 15:0, < 15:2025-03-012025-03-01
CVE-2025-22407 CVE-2025-22407: In hidd_check_config_done of hidd_conn In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-43771UNKNOWN≥ 15-next:0, < 15-next:2025-01-01≥ 15:0, < 15:2025-01-01+2 more2025-01-01
CVE-2024-43771 CVE-2024-43771: In gatts_process_read_req of gatt_sr In gatts_process_read_req of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-43763UNKNOWN≥ 15-next:0, < 15-next:2025-01-01≥ 15:0, < 15:2025-01-01+2 more2025-01-01
CVE-2024-43763 CVE-2024-43763: In build_read_multi_rsp of gatt_sr In build_read_multi_rsp of gatt_sr.cc, there is a possible denial of service due to a logic error in the code. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-43096UNKNOWN≥ 15-next:0, < 15-next:2025-01-01≥ 15:0, < 15:2025-01-01+2 more2025-01-01
CVE-2024-43096 CVE-2024-43096: In build_read_multi_rsp of gatt_sr In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-49747UNKNOWN≥ 15-next:0, < 15-next:2025-01-01≥ 15:0, < 15:2025-01-01+2 more2025-01-01
CVE-2024-49747 CVE-2024-49747: In gatts_process_read_by_type_req of gatt_sr In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-34722UNKNOWN≥ 15-next:0, < 15-next:2025-01-01≥ 13:0, < 13:2025-01-01+1 more2025-01-01
CVE-2024-34722 CVE-2024-34722: In smp_proc_rand of smp_act In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-43770UNKNOWN≥ 15-next:0, < 15-next:2025-01-01≥ 15:0, < 15:2025-01-01+2 more2025-01-01
CVE-2024-43770 CVE-2024-43770: In gatts_process_find_info of gatt_sr In gatts_process_find_info of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-49748UNKNOWN≥ 15-next:0, < 15-next:2025-01-01≥ 15:0, < 15:2025-01-01+2 more2025-01-01
CVE-2024-49748 CVE-2024-49748: In gatts_process_primary_service_req of gatt_sr In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-34730UNKNOWN≥ 13:0, < 13:2025-01-01≥ 14:0, < 14:2025-01-012025-01-01
CVE-2024-34730 CVE-2024-34730: In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs due to a logic error in the code In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-34719UNKNOWN≥ 15-next:0, < 15-next:2024-11-01≥ 13:0, < 13:2024-11-01+1 more2024-11-01
CVE-2024-34719 CVE-2024-34719: In multiple locations, there is a possible permissions bypass due to a missing null check In multiple locations, there is a possible permissions bypass due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-34727UNKNOWN≥ 14-next:0, < 14-next:2024-08-01≥ 13:0, < 13:2024-08-01+1 more2024-08-01
CVE-2024-34727 CVE-2024-34727: In sdpu_compare_uuid_with_attr of sdp_utils In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-0039UNKNOWN≥ 14-next:0, < 14-next:2024-03-01≥ 13:0, < 13:2024-03-01+1 more2024-03-01
CVE-2024-0039 CVE-2024-0039: In attp_build_value_cmd of att_protocol In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-0045UNKNOWN≥ 14-next:0, < 14-next:2024-03-01≥ 13:0, < 13:2024-03-01+1 more2024-03-01
CVE-2024-0045 CVE-2024-0045: In smp_proc_sec_req of smp_act In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2024-23717UNKNOWN≥ 14-next:0, < 14-next:2024-03-01≥ 13:0, < 13:2024-03-01+1 more2024-03-01
CVE-2024-23717 CVE-2024-23717: In access_secure_service_from_temp_bond of btm_sec In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
← Previous2 / 6Next →