Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2016-9918

Published: 8 December 2016

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

Notes

AuthorNote
mdeslaur 
as of 2020-02-07, appears unfixed
crash in hcidump command line tool only

Priority

Negligible

CVSS 3 base score: 7.5

Status

Package Release Status
bluez
Launchpad, Ubuntu, Debian 		artful Ignored
(reached end-of-life)
bionic Deferred

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Deferred

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Deferred

kinetic Deferred

precise Does not exist
(precise was deferred [2017-08-01])
trusty Does not exist
(trusty was deferred [2020-01-06])
upstream Needs triage

xenial Deferred

yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading