cve/2020/CVE-2020-12352.md

CVE-2020-12352

Description

Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

POC

Reference

• http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
• http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
• http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html
• http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/Charmve/BLE-Security-Attack-Defence
• https://github.com/Dikens88/hopp
• https://github.com/H4lo/awesome-IoT-security-article
• https://github.com/JeffroMF/awesome-bluetooth-security321
• https://github.com/Live-Hack-CVE/CVE-2020-25662
• https://github.com/WinMin/Protocol-Vul
• https://github.com/bcoles/kasld
• https://github.com/engn33r/awesome-bluetooth-security
• https://github.com/google/security-research
• https://github.com/hac425xxx/heap-exploitation-in-real-world
• https://github.com/joydo/CVE-Writeups
• https://github.com/kdn111/linux-kernel-exploitation
• https://github.com/khanhdn111/linux-kernel-exploitation
• https://github.com/khanhdz-06/linux-kernel-exploitation
• https://github.com/khanhdz191/linux-kernel-exploitation
• https://github.com/khanhhdz/linux-kernel-exploitation
• https://github.com/khanhhdz06/linux-kernel-exploitation
• https://github.com/khanhnd123/linux-kernel-exploitation
• https://github.com/knd06/linux-kernel-exploitation
• https://github.com/ndk191/linux-kernel-exploitation
• https://github.com/sgxgsx/BlueToolkit
• https://github.com/shannonmullins/hopp
• https://github.com/ssr-111/linux-kernel-exploitation
• https://github.com/xairy/linux-kernel-exploitation