CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
70.1%
Severity: High
Date : 2020-10-18
CVE-ID : CVE-2020-12351 CVE-2020-12352 CVE-2020-24490
Package : linux-lts
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1250
The package linux-lts before version 5.4.72-1 is vulnerable to multiple
issues including information disclosure, privilege escalation and
denial of service.
Upgrade to 5.4.72-1.
The problems have been fixed upstream in version 5.4.72.
None.
A flaw was found in the way the Linux kernel Bluetooth implementation
handled L2CAP packets with A2MP CID. A remote attacker in adjacent
range could use this flaw to crash the system causing denial of service
or potentially execute arbitrary code on the system by sending a
specially crafted L2CAP packet. The highest threat from this
vulnerability is to data confidentiality and integrity as well as
system availability.
An information leak flaw was found in the way the Linux kernel’s
Bluetooth stack implementation handled initialization of stack memory
when handling certain AMP packets. A remote attacker in adjacent range
could use this flaw to leak small portions of stack memory on the
system by sending a specially crafted AMP packets. The highest threat
from this vulnerability is to data confidentiality.
A heap buffer overflow flaw was found in the way the Linux kernel’s
Bluetooth implementation processed extended advertising report events.
This flaw allows a remote attacker in an adjacent range to crash the
system, causing a denial of service or to potentially execute arbitrary
code on the system by sending a specially crafted Bluetooth packet. The
highest threat from this vulnerability is to confidentiality,
integrity, as well as system availability.
A remote unauthenticated attacker in range is able to execute arbitrary
code, disclose information or DoS the system through bluetooth.
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
https://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq
https://lore.kernel.org/linux-bluetooth/[email protected]/
https://lore.kernel.org/linux-bluetooth/[email protected]/
https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq
https://github.com/google/security-research/security/advisories/GHSA-ccx2-w2r4-x649
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e
https://security.archlinux.org/CVE-2020-12351
https://security.archlinux.org/CVE-2020-12352
https://security.archlinux.org/CVE-2020-24490
git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e
github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq
github.com/google/security-research/security/advisories/GHSA-ccx2-w2r4-x649
github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq
lore.kernel.org/linux-bluetooth/[email protected]/
lore.kernel.org/linux-bluetooth/[email protected]/
security.archlinux.org/AVG-1250
security.archlinux.org/CVE-2020-12351
security.archlinux.org/CVE-2020-12352
security.archlinux.org/CVE-2020-24490
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
70.1%