ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. "> ptr",parameter. This,issue,can,be,triggered,by,processing,a,corrupted,dump,file,and will,result,in,hcidump,crash. "> SecuritySpace - CVE-2016-9804
 
 
 Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2016-9804
Description:In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2016-9804
BugTraq ID: 94652
http://www.securityfocus.com/bid/94652
https://www.spinics.net/lists/linux-bluetooth/msg68892.html




© 1998-2024 E-Soft Inc. All rights reserved.