CVE-2022-0204

8.8 HIGH

📋 TL;DR

CVE-2022-0204 is a heap overflow vulnerability in BlueZ Bluetooth stack versions before 5.63. An attacker on the local network can send specially crafted files to cause denial of service through application crashes. Systems using BlueZ for Bluetooth functionality are affected.

💻 Affected Systems

Products:
  • BlueZ Bluetooth stack
Versions: All versions prior to 5.63
Operating Systems: Linux distributions using BlueZ
Default Config Vulnerable: ⚠️ Yes
Notes: Systems with Bluetooth enabled and BlueZ installed are vulnerable. Many Linux distributions include BlueZ by default.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete denial of service of Bluetooth services, potentially disrupting device connectivity and functionality.

🟠 Likely Case: Application crashes leading to temporary Bluetooth service disruption until services restart.

🟢 If Mitigated: Minimal impact with proper network segmentation and updated software.

🌐 Internet-Facing: LOW - Requires local network access, not directly internet exploitable.
🏢 Internal Only: MEDIUM - Attackers on local network can exploit, but requires specific conditions.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires local network access and ability to send specially crafted files to BlueZ services.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: BlueZ 5.63 and later

Vendor Advisory: https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q

Restart Required: Yes

Instructions:

1. Update BlueZ to version 5.63 or later using your distribution's package manager.
2. Restart Bluetooth services.
3. Verify the update was successful.

🔧 Temporary Workarounds

Disable Bluetooth if not needed (platform: linux)

Temporarily disable Bluetooth services to prevent exploitation:

sudo systemctl stop bluetooth
sudo systemctl disable bluetooth

Network segmentation (platform: all)

Isolate Bluetooth devices on separate network segments.

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can access Bluetooth services
  • Monitor for unusual Bluetooth service crashes or restart patterns

🔍 How to Verify

Check if Vulnerable:

Check BlueZ version with: bluetoothd --version

Check Version:

bluetoothd --version || bluetoothctl --version

Verify Fix Applied:

Confirm the reported version is 5.63 or higher, then test that Bluetooth functionality still works after the restart.
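The version check above is easy to get wrong by hand when distributions append packaging suffixes (for example "5.62-1ubuntu2") or when only bluetoothctl is installed. The following POSIX shell script is an added example, not part of this advisory or of the BlueZ project: it extracts the first dotted numeric token from whatever `bluetoothd --version` or `bluetoothctl --version` prints, compares it numerically against the fixed release 5.63, and reports vulnerable, patched, or unknown. The helper names (`version_key`, `bluez_status`) and the constructed version strings are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory or BlueZ): decide whether an installed
# BlueZ version is at or above the 5.63 release that fixes CVE-2022-0204.

FIXED_VERSION="5.63"

# version_key STRING -> integer key for the first dotted numeric token in STRING
# "5.62" -> 5062000, "5.62.1-2" -> 5062001, "bluetoothctl: 5.64-1ubuntu1" -> 5064000
# Prints nothing if STRING contains no numeric token.
version_key() {
    printf '%s\n' "$1" | grep -o '[0-9][0-9.]*' | head -n 1 |
        awk -F. '{ printf "%d\n", ($1 * 1000000) + ($2 * 1000) + ($3 + 0) }'
}

# bluez_status VERSION_STRING -> prints "vulnerable", "patched" or "unknown"
bluez_status() {
    key=$(version_key "$1")
    fixed=$(version_key "$FIXED_VERSION")
    if [ -z "$key" ]; then
        echo unknown          # no parsable version: treat as unverified
    elif [ "$key" -ge "$fixed" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

# Stand-alone run against the live host; either tool may be absent, so
# never let a missing binary abort the script (matters under `set -e`).
installed=$(bluetoothd --version 2>/dev/null || bluetoothctl --version 2>/dev/null || true)
echo "Installed BlueZ: ${installed:-not found}"
echo "CVE-2022-0204 status: $(bluez_status "$installed")"
```

A result of "unknown" means neither tool printed a version (BlueZ may not be installed, or the daemon is not on PATH); confirm with the package manager before treating the host as unaffected.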

📡 Detection & Monitoring

Log Indicators:

  • Unexpected Bluetooth service crashes in system logs
  • Multiple Bluetooth service restarts

Network Indicators:

  • Unusual Bluetooth file transfer attempts from unknown sources

SIEM Query:

source="systemd" "bluetooth" AND ("crash" OR "segfault" OR "restart")
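The SIEM query above assumes the logs are already in a search platform. For a host-level check, the following POSIX shell script is an added example, not part of this advisory: it scans journal-style lines for the log indicators listed here (bluetoothd segfaults, SEGV exits, repeated systemd restarts of bluetooth.service) and raises an alert when the count reaches a threshold. The sample log lines are constructed for this example and do not come from a real incident; the function names and the default threshold of 3 are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): flag repeated bluetoothd crashes and
# restarts in journal/syslog-style output, matching the log indicators above.

# Constructed sample lines standing in for: journalctl -u bluetooth --no-pager
sample_log() {
    cat <<'EOF'
Jan 10 10:01:02 host kernel: bluetoothd[1234]: segfault at 0 ip 00007f12ab34cd56 sp 00007ffd error 4 in bluetoothd
Jan 10 10:01:03 host systemd[1]: bluetooth.service: Main process exited, code=killed, status=11/SEGV
Jan 10 10:01:03 host systemd[1]: bluetooth.service: Failed with result 'signal'.
Jan 10 10:01:04 host systemd[1]: bluetooth.service: Scheduled restart job, restart counter is at 1.
Jan 10 10:01:04 host systemd[1]: Started Bluetooth service.
Jan 10 10:02:10 host bluetoothd[1301]: Bluetooth daemon 5.62
Jan 10 10:03:15 host kernel: bluetoothd[1301]: segfault at 0 ip 00007f12ab34cd56 sp 00007ffd error 4 in bluetoothd
Jan 10 10:03:16 host systemd[1]: bluetooth.service: Scheduled restart job, restart counter is at 2.
Jan 10 10:05:00 host sshd[900]: Accepted publickey for admin from 10.0.0.5
EOF
}

# Reads log lines on stdin; prints the number of lines that mention bluetooth
# AND carry a crash/restart indicator. Always prints a number and exits 0,
# so a zero count does not abort a caller running under `set -e`.
count_bluetooth_crash_events() {
    grep -i 'bluetooth' |
        grep -i -c -E 'segfault|SEGV|core dumped|Scheduled restart|Failed with result' || true
}

# bluetooth_crash_alert [THRESHOLD] -> "ALERT:<n>" if n >= THRESHOLD (default 3), else "OK:<n>"
bluetooth_crash_alert() {
    threshold=${1:-3}
    n=$(count_bluetooth_crash_events)
    if [ "$n" -ge "$threshold" ]; then
        printf 'ALERT:%s\n' "$n"
    else
        printf 'OK:%s\n' "$n"
    fi
}

# Stand-alone run over the constructed sample. On a real host pipe the journal in:
#   journalctl -u bluetooth --since "1 hour ago" --no-pager | bluetooth_crash_alert 3
sample_log | bluetooth_crash_alert 3
```

A single crash is noise on many desktops; what the indicator list above describes is a pattern of crashes and restarts, which is why the alert keys on a count over a time window rather than on any one segfault line.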
