CVE-2021-47620
MEDIUM
Linux Kernel < 4.4.302 - Out-of-bounds Read in Bluetooth Advertisement Data Processing
Title source: llm
Description
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: refactor malicious adv data check

Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop processing so that it doesn't get checked after ptr has been advanced.
Scores
CVSS v3: 5.5
EPSS: 0.0022
EPSS Percentile: 12.6%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-125
Status: published
Products (18)
Linux/Linux
048acfa4daf167b007b6bd8bef474e90c2282a5f - 305e92f525450f3e1b5f5c9dc7eadb152d66a082
Linux/Linux
185c77cbb53bc7481acc5a0b4e6119bbe393d561 - 5a539c08d743d9910631448da78af5e961664c0e
Linux/Linux
24161b9c43de966789d5956428f45002d10f878e - 835d3706852537bf92eb23eb8635b8dee0c0aa67
Linux/Linux
2de0e6a71ceb056e17e4684dce8b7640367996f9 - bcea886771c3f22a590c8c8b9139a107bd7f1e1c
Linux/Linux
3a56ef719f0b9682afb8a86d64b2399e36faa4e6 - 899663be5e75dc0174dc8bda0b5e6826edf0b29a
Linux/Linux
4.14.263 - 4.14.265
Linux/Linux
4.19.226 - 4.19.228
Linux/Linux
4.4.300 - 4.4.302
Linux/Linux
4.9.298 - 4.9.300
Linux/Linux
4a1491432394b22e585a185ffca49086e4046aae - 8819f93cd4a443dfe547aa622b21f723757df3fb
... and 8 more
Published: Jun 20, 2024
Tracked Since: Feb 18, 2026