what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

CVE-2020-12352

Status Candidate

Overview

Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

Related Files

Linux Kernel 5.4 BleedingTooth Remote Code Execution
Posted Apr 8, 2021
Authored by Andy Nguyen

Linux kernel version 5.4 BleedingTooth bluetooth zero-click proof of concept remote code execution exploit.

tags | exploit, remote, kernel, code execution, proof of concept
systems | linux
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | 5108c67d6fbb60138d1ac3f7b89fb015439b9afd13c3fb0e06991d6195d956ac
Kernel Live Patch Security Notice LSN-0074-1
Posted Feb 1, 2021
Authored by Benjamin M. Romer

Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information (kernel memory). Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.

tags | advisory, remote, kernel, local
systems | linux
advisories | CVE-2020-0427, CVE-2020-12352, CVE-2020-25645, CVE-2020-28374
SHA-256 | 682e52dd49535c7ff7a41efaf9cdf2164f511e0432317c6e2e9cafb8c2198527
Ubuntu Security Notice USN-4657-1
Posted Dec 2, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4657-1 - Elena Petrova discovered that the pin controller device tree implementation in the Linux kernel did not properly handle string references. A local attacker could use this to expose sensitive information. Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2020-0427, CVE-2020-10135, CVE-2020-12352, CVE-2020-14351, CVE-2020-14390, CVE-2020-25211, CVE-2020-25284, CVE-2020-25643, CVE-2020-25645, CVE-2020-25705, CVE-2020-28915, CVE-2020-4788
SHA-256 | dbfacde5bfc0db84799a2a413ab853f7c93216a094a4a437b9daba32978b1e77
Red Hat Security Advisory 2020-4991-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4991-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12352
SHA-256 | 36e5f3eaac42575f4136edc475d74185d6e90f76555788b825efb4cd93ae1876
Red Hat Security Advisory 2020-4990-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4990-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12352
SHA-256 | 10f5ba14b7f29241a2f54b3c0a3434500b3a6a43323b220f35100524f619309f
Debian Security Advisory 4774-1
Posted Oct 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4774-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, debian
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-25211, CVE-2020-25643, CVE-2020-25645
SHA-256 | 4a7683621e889be8263c0eed0407c142799b83815cf38d1f521331435715266a
Kernel Live Patch Security Notice LSN-0073-1
Posted Oct 26, 2020
Authored by Benjamin M. Romer

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. Andy Nguyen discovered that the Bluetooth HCI event packet parser in the Linux kernel did not properly handle event advertisements of certain sizes, leading to a heap-based buffer overflow.

tags | advisory, overflow, kernel
systems | linux
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-24490
SHA-256 | 512630109fdf9fe767bed1b49eba7332dc002fa3cdd83221748674a578aae27a
Red Hat Security Advisory 2020-4276-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4276-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | 30e414e203f959072ef3c252bfa4108ae6fc999c4fb3b252e31ab879b7d1f16f
Ubuntu Security Notice USN-4592-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4592-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-24490
SHA-256 | d7515239e07d687808da7fbe91f834dad13e673659a86c1dad1b6e475e380895
Red Hat Security Advisory 2020-4286-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4286-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-14331, CVE-2020-14385, CVE-2020-14386
SHA-256 | 8f7a24548cfe79a3658e4f63f2abba8cf6d601dde1625f973112d0508a84f92d
Red Hat Security Advisory 2020-4289-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4289-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-14331, CVE-2020-14385, CVE-2020-14386
SHA-256 | 697afd2cc16ce67184c185acf1888e6cb30327a9ea1e639d63b640c467e815d5
Ubuntu Security Notice USN-4591-1
Posted Oct 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4591-1 - Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | 9e92faf34368121f7c8cf203fd068a5a684f38477adf3dac22437502d9d19dad
Red Hat Security Advisory 2020-4287-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4287-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-14385, CVE-2020-14386
SHA-256 | 01bef5346f503d03b012cd69911e6673dd749f654d1dd791e5eb09b23c87a2b3
Red Hat Security Advisory 2020-4288-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4288-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | f4bb7d26cf3242d424edb1179c6250309ca5b40dc657bea76ecda54a2b68451c
Red Hat Security Advisory 2020-4277-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4277-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | 679f30f382dd5057de71f7a79527bd81431e44abcec06ba31f0b68517af03a97
Red Hat Security Advisory 2020-4279-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4279-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352, CVE-2020-16166, CVE-2020-25212
SHA-256 | 3699f63fe43f86e6c44ae89e57ff19c771763fa6ea9bef8f89f0a03e12ce9ae8
Red Hat Security Advisory 2020-4281-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4281-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | a272c8fee45ed9daa78742eadfcba9a081df48e160cbc735ed39ba846a87bf60
Red Hat Security Advisory 2020-4278-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4278-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | 2b5486825c634257b3145d28131fe6f6d29224979f036cf63aacde0a43250a13
Red Hat Security Advisory 2020-4280-01
Posted Oct 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4280-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an information leakage vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-12351, CVE-2020-12352
SHA-256 | 1696f9a79d40d044bddece31602b3be261f79462997acb088faeeb78ee68c930
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close