Your submission was sent successfully! Close

CVE-2021-3588

Published: 10 June 2021

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

Priority

Medium

CVSS 3 base score: 3.3

Status

Package Release Status
bluez
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal
Released (5.53-0ubuntu3.2)
groovy
Released (5.55-0ubuntu1.2)
hirsute Not vulnerable
(5.56-0ubuntu4)
impish Not vulnerable
(5.58-0ubuntu1)
jammy Not vulnerable
(5.58-0ubuntu1)
trusty Does not exist

upstream
Released (5.56)
xenial Not vulnerable
(code not present)