CVE-2018-5383

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-5383
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-5383.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-5383
Related
Published
2018-08-07T21:29:00Z
Modified
2024-09-11T04:25:20.804435Z
Severity
  • 6.8 (Medium) CVSS_V3 - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

References

Affected packages

Debian:11 / firmware-nonfree

Package

Name
firmware-nonfree
Purl
pkg:deb/debian/firmware-nonfree?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20190114-1

Affected versions

0.*

0.1
0.2
0.3
0.4
0.4etch1
0.4+etchnhalf.1
0.5
0.6
0.7
0.8
0.9
0.10
0.11
0.12
0.13~bpo40+1
0.13
0.14
0.14+lenny1
0.14+lenny2
0.15
0.16~bpo50+1
0.16
0.17~bpo50+1
0.17
0.18
0.19
0.20
0.21
0.22
0.23~bpo50+1
0.23
0.24~bpo50+1
0.24
0.25
0.26
0.27~bpo50+1
0.27
0.28
0.28+squeeze1
0.29
0.30
0.31
0.32~bpo60+1
0.32
0.33
0.34
0.35~bpo60+1
0.35
0.36
0.36+wheezy.1~bpo60+1
0.36+wheezy.1
0.37
0.38~bpo70+1
0.38
0.39~bpo70+1
0.39
0.40~bpo70+1
0.40
0.41~bpo70+1
0.41
0.42
0.43~bpo70+1
0.43
0.44~bpo8+1
0.44

Other

20151018-1
20151018-2~bpo8+1
20151018-2
20151207-1~bpo8+1
20151207-1
20160110-1~bpo8+1
20160110-1
20160824-1~bpo8+1
20160824-1
20161130-1
20161130-2~bpo8+1
20161130-2
20161130-3~bpo8+1
20161130-3
20161130-4~deb8u1
20161130-4
20161130-5~deb8u1
20161130-5
20170823-1~bpo9+1
20170823-1
20180518-1~bpo9+1
20180518-1
20180825-1
20180825+dfsg-1~bpo9+1
20180825+dfsg-1
20190114-1~bpo9+1
20190114-1~bpo9+2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / firmware-nonfree

Package

Name
firmware-nonfree
Purl
pkg:deb/debian/firmware-nonfree?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20190114-1

Affected versions

0.*

0.1
0.2
0.3
0.4
0.4etch1
0.4+etchnhalf.1
0.5
0.6
0.7
0.8
0.9
0.10
0.11
0.12
0.13~bpo40+1
0.13
0.14
0.14+lenny1
0.14+lenny2
0.15
0.16~bpo50+1
0.16
0.17~bpo50+1
0.17
0.18
0.19
0.20
0.21
0.22
0.23~bpo50+1
0.23
0.24~bpo50+1
0.24
0.25
0.26
0.27~bpo50+1
0.27
0.28
0.28+squeeze1
0.29
0.30
0.31
0.32~bpo60+1
0.32
0.33
0.34
0.35~bpo60+1
0.35
0.36
0.36+wheezy.1~bpo60+1
0.36+wheezy.1
0.37
0.38~bpo70+1
0.38
0.39~bpo70+1
0.39
0.40~bpo70+1
0.40
0.41~bpo70+1
0.41
0.42
0.43~bpo70+1
0.43
0.44~bpo8+1
0.44

Other

20151018-1
20151018-2~bpo8+1
20151018-2
20151207-1~bpo8+1
20151207-1
20160110-1~bpo8+1
20160110-1
20160824-1~bpo8+1
20160824-1
20161130-1
20161130-2~bpo8+1
20161130-2
20161130-3~bpo8+1
20161130-3
20161130-4~deb8u1
20161130-4
20161130-5~deb8u1
20161130-5
20170823-1~bpo9+1
20170823-1
20180518-1~bpo9+1
20180518-1
20180825-1
20180825+dfsg-1~bpo9+1
20180825+dfsg-1
20190114-1~bpo9+1
20190114-1~bpo9+2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / firmware-nonfree

Package

Name
firmware-nonfree
Purl
pkg:deb/debian/firmware-nonfree?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20190114-1

Affected versions

0.*

0.1
0.2
0.3
0.4
0.4etch1
0.4+etchnhalf.1
0.5
0.6
0.7
0.8
0.9
0.10
0.11
0.12
0.13~bpo40+1
0.13
0.14
0.14+lenny1
0.14+lenny2
0.15
0.16~bpo50+1
0.16
0.17~bpo50+1
0.17
0.18
0.19
0.20
0.21
0.22
0.23~bpo50+1
0.23
0.24~bpo50+1
0.24
0.25
0.26
0.27~bpo50+1
0.27
0.28
0.28+squeeze1
0.29
0.30
0.31
0.32~bpo60+1
0.32
0.33
0.34
0.35~bpo60+1
0.35
0.36
0.36+wheezy.1~bpo60+1
0.36+wheezy.1
0.37
0.38~bpo70+1
0.38
0.39~bpo70+1
0.39
0.40~bpo70+1
0.40
0.41~bpo70+1
0.41
0.42
0.43~bpo70+1
0.43
0.44~bpo8+1
0.44

Other

20151018-1
20151018-2~bpo8+1
20151018-2
20151207-1~bpo8+1
20151207-1
20160110-1~bpo8+1
20160110-1
20160824-1~bpo8+1
20160824-1
20161130-1
20161130-2~bpo8+1
20161130-2
20161130-3~bpo8+1
20161130-3
20161130-4~deb8u1
20161130-4
20161130-5~deb8u1
20161130-5
20170823-1~bpo9+1
20170823-1
20180518-1~bpo9+1
20180518-1
20180825-1
20180825+dfsg-1~bpo9+1
20180825+dfsg-1
20190114-1~bpo9+1
20190114-1~bpo9+2

Ecosystem specific

{
    "urgency": "not yet assigned"
}