CVE-2020-25673
- EPSS 0.48%
- Veröffentlicht 26.05.2021 11:15:08
- Zuletzt bearbeitet 21.11.2024 05:18:25
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
CVE-2020-25672
- EPSS 3.26%
- Veröffentlicht 25.05.2021 20:15:07
- Zuletzt bearbeitet 21.11.2024 05:18:25
A memory leak vulnerability was found in Linux kernel in llcp_sock_connect
CVE-2020-26555
- EPSS 0.89%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:57
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556
- EPSS 0.91%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 21.11.2024 05:20:04
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by...
CVE-2020-26557
- EPSS 0.83%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:57
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently...
CVE-2020-26558
- EPSS 0.87%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:58
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public ke...
CVE-2020-26559
- EPSS 0.85%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:58
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce p...
CVE-2020-26560
- EPSS 0.86%
- Veröffentlicht 24.05.2021 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:15:58
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetK...
CVE-2021-3483
- EPSS 0.36%
- Veröffentlicht 17.05.2021 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:21:39
A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to con...
CVE-2021-33033
- EPSS 0.57%
- Veröffentlicht 14.05.2021 23:15:09
- Zuletzt bearbeitet 21.11.2024 06:08:09
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.