BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
CPE | Name | Operator | Version |
---|---|---|---|
bluez | lt | 5.59 | |
ubuntu_linux | eq | 18.04 | |
ubuntu_linux | eq | 20.04 | |
debian_linux | eq | 10.0 |