CVE-2016-9803

Published: 03 December 2016

In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.

Priority

Negligible

CVSS 3 base score: 5.3

Status

Package Release Status
bluez
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 20.10 (Groovy Gorilla) Deferred

Ubuntu 20.04 LTS (Focal Fossa) Deferred

Ubuntu 18.04 LTS (Bionic Beaver) Deferred

Ubuntu 16.04 LTS (Xenial Xerus) Deferred

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was deferred [2020-01-06])
Ubuntu 12.04 ESM (Precise Pangolin) Does not exist
(precise was deferred [2017-08-01])