CVE-2016-9804 -- bluezID: oval:org.secpod.oval:def:2001223 | Date: (C)2019-06-03 (M)2021-11-09 |
Class: VULNERABILITY | Family: unix |
In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Platform: |
Debian 8.x |
Debian 9.x |