Lucene search
Veracode Vulnerability DatabaseVERACODE:33321HistoryDec 14, 2021 - 6:01 p.m.
Information Disclosure
2021-12-1418:01:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.001 Low
EPSS
Percentile
40.1%
bluez is vulnerable to information disclosure. The vulnerability exists due to the handling of a SVC_ATTR_REQ by the SDP implementation which allows an attacker to inject a malicious CSTATE, tricking the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrary heap data.
Related
prion
prion
Design/Logic Flaw
2021-11-29 08:15:00
osv
osv
CVE-2019-8921
2021-11-29 08:15:07
bluez - security update
2021-11-27 00:00:00
bluez - security update
2022-10-24 00:00:00
redhatcve
redhatcve
CVE-2019-8921
2021-11-29 18:02:33
nvd
nvd
CVE-2019-8921
2021-11-29 08:15:07
cvelist
cvelist
CVE-2019-8921
2021-11-29 00:00:00
cve
cve
CVE-2019-8921
2021-11-29 08:15:07
debiancve
debiancve
CVE-2019-8921
2021-11-29 08:15:07
ubuntucve
ubuntucve
CVE-2019-8921
2021-11-29 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : bluez (EulerOS-SA-2022-1524)
2022-04-25 00:00:00
SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2022:3718-1)
2022-10-26 00:00:00
Amazon Linux 2 : bluez (ALAS-2023-2309)
2023-10-20 00:00:00
amazon
amazon
Medium: bluez
2023-10-12 15:09:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:3718-1)
2022-10-26 00:00:00
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2022-1524)
2022-04-25 00:00:00
Debian: Security Advisory (DLA-2827-1)
2021-11-28 00:00:00
debian
debian
[SECURITY] [DLA 2827-1] bluez security update
2021-11-27 11:11:49
[SECURITY] [DLA 3157-1] bluez security update
2022-10-24 10:50:09