{"id":"ALPINE-CVE-2020-27153","details":"In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.","modified":"2025-11-19T06:17:57.232916Z","published":"2020-10-15T03:15:12.120Z","upstream":["CVE-2020-27153"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2020-27153"}],"affected":[{"package":{"name":"bluez","ecosystem":"Alpine:v3.10","purl":"pkg:apk/alpine/bluez?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.50-r5"}]}],"versions":["4.101-r0","4.101-r1","4.101-r2","4.101-r3","4.64-r0","4.64-r1","4.69-r0","4.69-r1","4.69-r2","4.72-r0","4.81-r0","4.87-r0","4.89-r0","4.90-r0","4.90-r1","4.91-r0","4.93-r0","4.93-r1","4.94-r0","4.94-r1","4.95-r0","4.96-r0","4.99-r0","4.99-r1","4.99-r2","5.10-r0","5.11-r0","5.11-r1","5.13-r0","5.13-r1","5.14-r0","5.16-r0","5.18-r0","5.19-r0","5.20-r0","5.21-r0","5.22-r0","5.23-r0","5.24-r0","5.25-r0","5.26-r0","5.27-r0","5.28-r0","5.30-r0","5.30-r1","5.31-r0","5.32-r0","5.33-r0","5.34-r0","5.36-r0","5.37-r0","5.38-r0","5.39-r0","5.40-r0","5.40-r1","5.41-r0","5.42-r0","5.43-r0","5.44-r0","5.44-r1","5.44-r2","5.44-r3","5.45-r0","5.46-r0","5.47-r0","5.47-r1","5.47-r2","5.47-r3","5.48-r0","5.49-r0","5.49-r1","5.49-r2","5.50-r0","5.50-r1","5.50-r2","5.50-r3","5.50-r4","5.9-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-27153.json"}},{"package":{"name":"bluez","ecosystem":"Alpine:v3.11","purl":"pkg:apk/alpine/bluez?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.52-r2"}]}],"versions":["4.101-r0","4.101-r1","4.101-r2","4.101-r3","4.64-r0","4.64-r1","4.69-r0","4.69-r1","4.69-r2","4.72-r0","4.81-r0","4.87-r0","4.89-r0","4.90-r0","4.90-r1","4.91-r0","4.93-r0","4.93-r1","4.94-r0","4.94-r1","4.95-r0","4.96-r0","4.99-r0","4.99-r1","4.99-r2","5.10-r0","5.11-r0","5.11-r1","5.13-r0","5.13-r1","5.14-r0","5.16-r0","5.18-r0","5.19-r0","5.20-r0","5.21-r0","5.22-r0","5.23-r0","5.24-r0","5.25-r0","5.26-r0","5.27-r0","5.28-r0","5.30-r0","5.30-r1","5.31-r0","5.32-r0","5.33-r0","5.34-r0","5.36-r0","5.37-r0","5.38-r0","5.39-r0","5.40-r0","5.40-r1","5.41-r0","5.42-r0","5.43-r0","5.44-r0","5.44-r1","5.44-r2","5.44-r3","5.45-r0","5.46-r0","5.47-r0","5.47-r1","5.47-r2","5.47-r3","5.48-r0","5.49-r0","5.49-r1","5.49-r2","5.50-r0","5.50-r1","5.50-r2","5.50-r3","5.50-r4","5.51-r0","5.52-r0","5.52-r1","5.9-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-27153.json"}},{"package":{"name":"bluez","ecosystem":"Alpine:v3.12","purl":"pkg:apk/alpine/bluez?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.54-r6"}]}],"versions":["4.101-r0","4.101-r1","4.101-r2","4.101-r3","4.64-r0","4.64-r1","4.69-r0","4.69-r1","4.69-r2","4.72-r0","4.81-r0","4.87-r0","4.89-r0","4.90-r0","4.90-r1","4.91-r0","4.93-r0","4.93-r1","4.94-r0","4.94-r1","4.95-r0","4.96-r0","4.99-r0","4.99-r1","4.99-r2","5.10-r0","5.11-r0","5.11-r1","5.13-r0","5.13-r1","5.14-r0","5.16-r0","5.18-r0","5.19-r0","5.20-r0","5.21-r0","5.22-r0","5.23-r0","5.24-r0","5.25-r0","5.26-r0","5.27-r0","5.28-r0","5.30-r0","5.30-r1","5.31-r0","5.32-r0","5.33-r0","5.34-r0","5.36-r0","5.37-r0","5.38-r0","5.39-r0","5.40-r0","5.40-r1","5.41-r0","5.42-r0","5.43-r0","5.44-r0","5.44-r1","5.44-r2","5.44-r3","5.45-r0","5.46-r0","5.47-r0","5.47-r1","5.47-r2","5.47-r3","5.48-r0","5.49-r0","5.49-r1","5.49-r2","5.50-r0","5.50-r1","5.50-r2","5.50-r3","5.50-r4","5.51-r0","5.52-r0","5.53-r0","5.54-r0","5.54-r1","5.54-r2","5.54-r3","5.54-r4","5.54-r5","5.9-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-27153.json"}},{"package":{"name":"bluez","ecosystem":"Alpine:v3.9","purl":"pkg:apk/alpine/bluez?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.50-r2"}]}],"versions":["4.101-r0","4.101-r1","4.101-r2","4.101-r3","4.64-r0","4.64-r1","4.69-r0","4.69-r1","4.69-r2","4.72-r0","4.81-r0","4.87-r0","4.89-r0","4.90-r0","4.90-r1","4.91-r0","4.93-r0","4.93-r1","4.94-r0","4.94-r1","4.95-r0","4.96-r0","4.99-r0","4.99-r1","4.99-r2","5.10-r0","5.11-r0","5.11-r1","5.13-r0","5.13-r1","5.14-r0","5.16-r0","5.18-r0","5.19-r0","5.20-r0","5.21-r0","5.22-r0","5.23-r0","5.24-r0","5.25-r0","5.26-r0","5.27-r0","5.28-r0","5.30-r0","5.30-r1","5.31-r0","5.32-r0","5.33-r0","5.34-r0","5.36-r0","5.37-r0","5.38-r0","5.39-r0","5.40-r0","5.40-r1","5.41-r0","5.42-r0","5.43-r0","5.44-r0","5.44-r1","5.44-r2","5.44-r3","5.45-r0","5.46-r0","5.47-r0","5.47-r1","5.47-r2","5.47-r3","5.48-r0","5.49-r0","5.49-r1","5.49-r2","5.50-r0","5.50-r1","5.9-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-27153.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}]}