OVAL Reference oval:com.ubuntu.precise:def:20169804000

ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. "> OVAL Reference oval:com.ubuntu.precise:def:20169804000 - CERT Civis.Net

Oval Definition:

oval:com.ubuntu.precise:def:20169804000

Revision Date:	2016-12-03	Version:	1
Title:	CVE-2016-9804 on Ubuntu 12.04 LTS (precise) - low.
Description:	In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-9804
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND The 'bluez' package in precise is affected, but a decision has been made to defer addressing it (note: '2017-03-31').

BACK