GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
References
Link | Resource |
---|---|
https://github.com/labapart/gattlib/issues/81 | Issue Tracking Exploit Third Party Advisory |
https://github.com/labapart/gattlib/issues/82 | Exploit Issue Tracking Third Party Advisory |
https://www.exploit-db.com/exploits/46215/ | Exploit Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2019-01-21 06:29
Updated : 2023-12-10 12:44
NVD link : CVE-2019-6498
Mitre link : CVE-2019-6498
CVE.ORG link : CVE-2019-6498
JSON object : View
Products Affected
labapart
- gattlib
CWE
CWE-125
Out-of-bounds Read