Your submission was sent successfully! Close

CVE-2021-43400

Published: 4 November 2021

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.

Priority

Medium

CVSS 3 base score: 9.1

Status

Package Release Status
bluez
Launchpad, Ubuntu, Debian
bionic
Released (5.48-0ubuntu3.6)
focal
Released (5.53-0ubuntu3.4)
hirsute
Released (5.56-0ubuntu4.3)
impish
Released (5.60-0ubuntu2.1)
jammy Not vulnerable
(5.62-0ubuntu1)
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Needs triage