Platform System Bt vulnerabilities

66 known vulnerabilities affecting platform/system_bt.

Total CVEs: 66
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0

Severity breakdown
UNKNOWN: 66

Vulnerabilities

Page 4 of 4
CVE-2020-12856 | UNKNOWN | ≥ 11-next:0, < 11-next:2020-11-01 | ≥ 8.0:0, < 8.0:2020-11-01 | +4 more | 2020-11-01
CVE-2020-12856: In smp_decide_association_model of smp_act.cc, there is a possible silent bluetooth pairing due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2020-0413 | UNKNOWN | ≥ 8.0:0, < 8.0:2020-10-01 | ≥ 8.1:0, < 8.1:2020-10-01 | +3 more | 2020-10-01
CVE-2020-0413: In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2020-0377 | UNKNOWN | ≥ 8.0:0, < 8.0:2020-10-01 | ≥ 8.1:0, < 8.1:2020-10-01 | +3 more | 2020-10-01
CVE-2020-0377: In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2020-0380 | UNKNOWN | ≥ 8.0:0, < 8.0:2020-09-01 | ≥ 8.1:0, < 8.1:2020-09-01 | +2 more | 2020-09-01
CVE-2020-0380: In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv
CVE-2020-0379 | UNKNOWN | ≥ 8.0:0, < 8.0:2020-09-01 | ≥ 8.1:0, < 8.1:2020-09-01 | +2 more | 2020-09-01
CVE-2020-0379: In the Bluetooth service, there is a possible spoofing attack due to a logic error. This could lead to remote information disclosure of sensitive information with no additional execution privileges needed. User interaction is needed for exploitation.
osv
CVE-2020-0225 | UNKNOWN | ≥ 10:0, < 10:2020-07-01 | 2020-07-01
CVE-2020-0225: In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
osv