Launchpad CVE tracker

CVE 2020-27153

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.

Related bugs and status

CVE-2020-27153 (Candidate) is related to these bugs:

Bug #1926548: The gatt protocol has out-of-bounds read that leads to information leakage

		In	Importance	Status
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	Bluez Utilities	Unknown	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Hirsute)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Impish)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Groovy)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Focal)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-27153

References