Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2021-41229

Published: 12 November 2021

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash.

Notes

AuthorNote
sbeattie
introduced in d939483328489fb835bb425d36f7c7c73d52c388 (v4.0)

Priority

Low

Cvss 3 Severity Score

6.5

Score breakdown

Status

Package Release Status
bluez
Launchpad, Ubuntu, Debian
trusty Ignored
(end of standard support)
upstream Needs triage

xenial Needed

bionic
Released (5.48-0ubuntu3.6)
focal
Released (5.53-0ubuntu3.4)
hirsute
Released (5.56-0ubuntu4.3)
impish
Released (5.60-0ubuntu2.1)
jammy
Released (5.62-0ubuntu2)
kinetic
Released (5.62-0ubuntu2)
lunar
Released (5.62-0ubuntu2)
mantic
Released (5.62-0ubuntu2)
Patches:
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e79417ed7185b150a056d4eb3a1ab528b91d2fc0

Severity score breakdown

Parameter Value
Base score 6.5
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H