Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

BlueZ — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting BlueZ. AI-powered Chinese analysis, POCs, and references for each vulnerability.

BlueZ serves as the official Linux kernel protocol stack for Bluetooth, enabling wireless communication across devices. Historically, it has been susceptible to remote code execution, denial-of-service, and privilege escalation vulnerabilities, often through flawed authentication or buffer handling in its protocol implementations. With 12 CVEs currently on record, security researchers have identified issues in its L2CAP, HCI, and service discovery layers. Notable incidents include flaws allowing unauthorized device pairing and connection hijacking, though no major widespread breaches have been publicly attributed to these vulnerabilities. The project maintains regular security updates, but its complex attack surface continues to present challenges for secure Bluetooth implementation in Linux environments.

Found 12 results / 12Clear Filters
Top products by BlueZ: BlueZ
CVE IDTitleCVSSSeverityPublished
CVE-2024-8805 BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability — BlueZCWE-284 8.8 -2024-11-22
CVE-2023-51596 BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability — BlueZCWE-122 8.0 -2024-05-03
CVE-2023-51594 BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability — BlueZCWE-125 5.7 -2024-05-03
CVE-2023-51592 BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability — BlueZCWE-125 5.7 -2024-05-03
CVE-2023-51589 BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability — BlueZCWE-125 5.7 -2024-05-03
CVE-2023-51580 BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability — BlueZCWE-125 5.7 -2024-05-03
CVE-2023-50229 BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability — BlueZCWE-122 8.0 -2024-05-03
CVE-2023-50230 BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability — BlueZCWE-122 8.0 -2024-05-03
CVE-2023-44431 BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability — BlueZCWE-121 8.0 -2024-05-03
CVE-2023-27349 BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability — BlueZCWE-129 8.0 -2024-05-03
CVE-2021-41229 Memory leak in BlueZ — bluezCWE-400 4.3 Medium2021-11-12
CVE-2021-3588 memory contents disclosure in cli_feat_read_cb — BlueZCWE-788 3.3 Low2021-06-10

This page lists every published CVE security advisory associated with BlueZ. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.