CVE-2021-3588

Summary

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

Affected Software

VendorProductVersion RangeStatus
BlueZBlueZunspecified < 5.56affected

Weaknesses

  • CWE-788: CWE-788 Access of Memory Location After End of Buffer
  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CVE Program Container

Additional References

References