2020年11月14日 星期六

[LSN-0073-1] Linux kernel vulnerability

 ---------- Forwarded message ---------

From: benjamin.romer@canonical.com

Date: Oct 26, 2020 7:45PM

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the

Linux kernel contained a type-confusion error. A physically proximate

remote attacker could use this to cause a denial of service (system

crash) or possibly execute arbitrary code. (CVE-2020-12351)

Andy Nguyen discovered that the Bluetooth A2MP implementation in the

Linux kernel did not properly initialize memory in some situations. A

physically proximate remote attacker could use this to expose sensitive

information (kernel memory). (CVE-2020-12352)

Andy Nguyen discovered that the Bluetooth HCI event packet parser in the

Linux kernel did not properly handle event advertisements of certain

sizes, leading to a heap-based buffer overflow. A physically proximate

remote attacker could use this to cause a denial of service (system

crash) or possibly execute arbitrary code. (CVE-2020-24490)

References

-   CVE-2020-12351

-   CVE-2020-12352

-   CVE-2020-24490

沒有留言:

張貼留言