{"id":"CVE-2022-0204","details":"A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.","modified":"2026-04-16T04:37:42.878217827Z","published":"2022-03-10T17:44:55.230Z","related":["GHSA-479m-xcq5-9g2q","SUSE-SU-2022:2837-1","SUSE-SU-2022:2883-1","SUSE-SU-2022:2948-1","SUSE-SU-2022:3247-1","openSUSE-SU-2024:12394-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00022.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00026.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202209-16"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039807"},{"type":"FIX","url":"https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0"},{"type":"EVIDENCE","url":"https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bluez/bluez","events":[{"introduced":"0"},{"fixed":"da07239606d62526287d55f35a778770b04196ea"},{"fixed":"591c546c536b42bef696d027f64aa22434f8c3f0"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.63"}]}}],"versions":["4.0","4.1","4.10","4.100","4.101","4.11","4.12","4.13","4.14","4.15","4.16","4.17","4.18","4.19","4.2","4.20","4.21","4.22","4.23","4.24","4.25","4.26","4.27","4.28","4.29","4.30","4.31","4.32","4.33","4.34","4.35","4.36","4.37","4.38","4.39","4.40","4.41","4.42","4.43","4.44","4.45","4.46","4.47","4.48","4.49","4.5","4.50","4.51","4.52","4.53","4.54","4.55","4.56","4.57","4.58","4.59","4.6","4.60","4.61","4.62","4.63","4.64","4.65","4.66","4.67","4.68","4.69","4.7","4.70","4.71","4.72","4.73","4.74","4.75","4.76","4.77","4.78","4.79","4.8","4.80","4.81","4.82","4.83","4.84","4.85","4.86","4.87","4.88","4.89","4.9","4.90","4.91","4.92","4.93","4.94","4.95","4.96","4.97","4.98","4.99","5.0","5.1","5.10","5.11","5.12","5.13","5.14","5.15","5.16","5.17","5.18","5.19","5.2","5.20","5.21","5.22","5.23","5.24","5.25","5.26","5.27","5.28","5.29","5.3","5.30","5.31","5.32","5.33","5.34","5.35","5.36","5.37","5.38","5.39","5.4","5.40","5.41","5.42","5.43","5.44","5.45","5.46","5.47","5.48","5.49","5.5","5.50","5.51","5.52","5.53","5.54","5.55","5.56","5.57","5.58","5.59","5.6","5.60","5.61","5.62","5.7","5.8","5.9"],"database_specific":{"vanir_signatures_modified":"2026-04-11T23:37:32Z","vanir_signatures":[{"signature_type":"Line","id":"CVE-2022-0204-27df0139","digest":{"line_hashes":["245983701743678431712287570712867372852","204872452563842121916948163942014134051","74592790094705381018705849185625643364","97652621860010509070483822321576483347","100595917246871049992004168001243166733","304996773202596487567244761678739916092","287623655062436781374106337048619503982","130799082809774549235180667228244751232","17973078705912842330586538744745511373"],"threshold":0.9},"target":{"file":"src/shared/gatt-server.c"},"signature_version":"v1","deprecated":false,"source":"https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0"},{"signature_type":"Function","id":"CVE-2022-0204-afe5e0ab","digest":{"function_hash":"16905689294561478361334181224246022371","length":1120},"target":{"function":"prep_write_cb","file":"src/shared/gatt-server.c"},"signature_version":"v1","deprecated":false,"source":"https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0"},{"signature_type":"Function","id":"CVE-2022-0204-f4573241","digest":{"function_hash":"185952619249472048974319101553271115226","length":1034},"target":{"function":"write_cb","file":"src/shared/gatt-server.c"},"signature_version":"v1","deprecated":false,"source":"https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0204.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}