USN-4989-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2020-26558 CVE-2020-27153 CVE-2021-3588 UBUNTU-CVE-2020-26558 UBUNTU-CVE-2020-27153 UBUNTU-CVE-2021-3588

Published: 16 Jun 2021, 12:18

Last modified:03 Jun 2026, 14:04

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

16 Jun 2021, 12:18

Published

Vulnerability first disclosed

03 Jun 2026, 14:04

Last Modified

Vulnerability information updated

Description

bluez vulnerabilities It was discovered that BlueZ incorrectly checked certain permissions when pairing. A local attacker could possibly use this issue to impersonate devices. (CVE-2020-26558) Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT events. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27153) Ziming Zhang discovered that BlueZ incorrectly handled certain array indexes. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-3588)

Affected Systems

ubuntu•bluez
< 5.48-0ubuntu3.5 | < 5.53-0ubuntu3.2

USN-4989-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)