Dubbed BleedingTooth, the collection of security flaw could allow for remote code execution attacks. The issue affects Linux kernel 4.8 and higher, and can be found in the open source BlueZ protocol stack. It has been assigned CVE 2020 12351 and a CVSS score of 8.3. Over on GitHub, Google researchers share details of BleedingTooth, describing it as a Heap Based Type Confusion in L2CAP.The security researcher say that the vulnerability is of high severity and offer sample code as a proof of...

Read the full article at Betanews

Wingeek Icon
More Developer News