src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
History

Fri, 17 Jan 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2008-07-07T23:00:00

Updated: 2025-01-17T15:15:36.238Z

Reserved: 2008-05-21T00:00:00

Link: CVE-2008-2374

cve-icon Vulnrichment

Updated: 2024-08-07T08:58:02.290Z

cve-icon NVD

Status : Modified

Published: 2008-07-07T23:41:00.000

Modified: 2025-01-17T16:15:25.913

Link: CVE-2008-2374

cve-icon Redhat

Severity : Moderate

Publid Date: 2008-06-16T00:00:00Z

Links: CVE-2008-2374 - Bugzilla