CVE-2020-0556

Published: 12 March 2020

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access

Priority

Medium

CVSS 3 base score: 7.1

Notes

AuthorNote
amurray
Affects versions before 5.53 according to the Intel advisory
mdeslaur
while the Intel advisory says "below 5.53", the commits that
actually fix the issue appear to have been added after 5.53 was
released. Marking focal as needed until further information is
available.
Intel advisory was updates on 2020-03-16 to change fixed version
to 5.54.

References

Bugs