Launchpad CVE tracker

CVE 2021-3588

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

Related bugs and status

CVE-2021-3588 (Candidate) is related to these bugs:

Bug #1926548: The gatt protocol has out-of-bounds read that leads to information leakage

		In	Importance	Status
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	Bluez Utilities	Unknown	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Hirsute)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Impish)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Groovy)	Undecided	Fix Released
1926548	The gatt protocol has out-of-bounds read that leads to information leakage	bluez (Ubuntu Focal)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2021-3588

References