Vulnerabilities > CVE-2022-39177
Attack vector
ADJACENT_NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
Vulnerable Configurations
References
- https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1977968
- https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1977968
- https://lists.debian.org/debian-lts-announce/2022/10/msg00026.html
- https://lists.debian.org/debian-lts-announce/2022/10/msg00026.html
- https://security.netapp.com/advisory/ntap-20221020-0002/
- https://security.netapp.com/advisory/ntap-20221020-0002/
- https://ubuntu.com/security/notices/USN-5481-1
- https://ubuntu.com/security/notices/USN-5481-1