CVE-2016-9800
- Source
- https://cve.org/CVERecord?id=CVE-2016-9800
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9800.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-9800
- Downstream
- Related
- Published
- 2016-12-03T06:59:05.137Z
- Modified
- 2026-05-30T08:41:03.860281Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
In BlueZ 5.42, a buffer overflow was observed in "pincodereplydump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pincodereplycp *cp" parameter.
- References
Affected packages
Git / github.com/bluez/bluez
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bluez/bluez
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "source": "CPE_STRING", "cpe": "cpe:2.3:a:bluez:bluez:5.42:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "0" }, { "last_affected": "5.42" } ] }
Affected versions
4.*
4.0
4.1
4.10
4.100
4.101
4.11
4.12
4.13
4.14
4.15
4.16
4.17
4.18
4.19
4.2
4.20
4.21
4.22
4.23
4.24
4.25
4.26
4.27
4.28
4.29
4.30
4.31
4.32
4.33
4.34
4.35
4.36
4.37
4.38
4.39
4.40
4.41
4.42
4.43
4.44
4.45
4.46
4.47
4.48
4.49
4.5
4.50
4.51
4.52
4.53
4.54
4.55
4.56
4.57
4.58
4.59
4.6
4.60
4.61
4.62
4.63
4.64
4.65
4.66
4.67
4.68
4.69
4.7
4.70
4.71
4.72
4.73
4.74
4.75
4.76
4.77
4.78
4.79
4.8
4.80
4.81
4.82
4.83
4.84
4.85
4.86
4.87
4.88
4.89
4.9
4.90
4.91
4.92
4.93
4.94
4.95
4.96
4.97
4.98
4.99
5.*
5.0
5.1
5.10
5.11
5.12
5.13
5.14
5.15
5.16
5.17
5.18
5.19
5.2
5.20
5.21
5.22
5.23
5.24
5.25
5.26
5.27
5.28
5.29
5.3
5.30
5.31
5.32
5.33
5.34
5.35
5.36
5.37
5.38
5.39
5.4
5.40
5.41
5.42
5.5
5.6
5.7
5.8
5.9