CVE-2020-12352 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Information disclosure
Description	An information leak flaw was found in the way the Linux kernel's Bluetooth stack implementation handled initialization of stack memory when handling certain AMP packets. A remote attacker in adjacent range could use this flaw to leak small portions of stack memory on the system by sending a specially crafted AMP packets. The highest threat from this vulnerability is to data confidentiality.

Group	Package	Affected	Fixed	Severity	Status
AVG-1251	linux-hardened	5.8.14.a-1	5.8.16.a-1	High	Fixed
AVG-1250	linux-lts	5.4.71-1	5.4.72-1	High	Fixed
AVG-1249	linux-zen	5.9.zen1-1	5.9.1.zen2-1	High	Fixed
AVG-1248	linux	5.9.arch1-1	5.9.1.arch1-1	High	Fixed

Date	Advisory	Group	Package	Severity	Type
18 Oct 2020	ASA-202010-9	AVG-1251	linux-hardened	High	multiple issues
18 Oct 2020	ASA-202010-4	AVG-1250	linux-lts	High	multiple issues
18 Oct 2020	ASA-202010-3	AVG-1249	linux-zen	High	multiple issues
18 Oct 2020	ASA-202010-2	AVG-1248	linux	High	multiple issues

References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-1-luiz.dentz@gmail.com/ https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-1-luiz.dentz@gmail.com/
https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq