CVE-2023-51592

5.7 MEDIUM

📋 TL;DR

This vulnerability in BlueZ's AVRCP protocol allows network-adjacent attackers to read sensitive information from memory via Bluetooth when a user connects to a malicious device. The flaw exists due to improper bounds checking when parsing media folder data, potentially leading to information disclosure. Affected systems are those running vulnerable versions of BlueZ with Bluetooth enabled.
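The bug class named above, shown as an added example (this is not BlueZ code and is not taken from the advisory): a parser for a length-prefixed folder record that performs the bounds checks whose absence produces an out-of-bounds read. The record layout, `parse_folder_item` and `struct folder_item` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed, simplified folder record (illustration only, not BlueZ's layout):
 * uid[8] | type[1] | playable[1] | charset[2] | name_len[2, big-endian] | name[name_len]
 */
#define FOLDER_HDR_LEN 14
#define FOLDER_NAME_MAX 255

struct folder_item {
	uint64_t uid;
	uint8_t type;
	uint8_t playable;
	char name[FOLDER_NAME_MAX + 1];
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns bytes consumed, or -1 if the record does not fit in buf[0..len). */
int parse_folder_item(const uint8_t *buf, size_t len, struct folder_item *out)
{
	size_t name_len, copy_len;
	int i;

	/* Check 1: the fixed header must be fully present before any field is read. */
	if (buf == NULL || out == NULL || len < FOLDER_HDR_LEN)
		return -1;

	out->uid = 0;
	for (i = 0; i < 8; i++)
		out->uid = (out->uid << 8) | buf[i];
	out->type = buf[8];
	out->playable = buf[9];

	/* Check 2: name_len is chosen by the remote device, so it must fit in
	 * the bytes actually received. Without this test the memcpy below reads
	 * past the packet and copies adjacent memory into the name. */
	name_len = be16(&buf[12]);
	if (name_len > len - FOLDER_HDR_LEN)
		return -1;

	/* Check 3: clamp to the destination so a long name is truncated. */
	copy_len = name_len < FOLDER_NAME_MAX ? name_len : FOLDER_NAME_MAX;
	memcpy(out->name, &buf[FOLDER_HDR_LEN], copy_len);
	out->name[copy_len] = '\0';

	return (int)(FOLDER_HDR_LEN + name_len);
}
```

Rejecting the record when the declared length exceeds the received length is the safer choice for untrusted input; silently clamping to the remaining bytes would also prevent the over-read but hides malformed peers from logs.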

💻 Affected Systems

Products:
  • BlueZ
Versions: Versions prior to the fix (specific version depends on distribution)
Operating Systems: Linux distributions using BlueZ
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Bluetooth enabled and AVRCP profile support. User must connect to malicious Bluetooth device.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution with root privileges.

🟠 Likely Case

Information disclosure of sensitive memory contents to a network-adjacent attacker via Bluetooth.

🟢 If Mitigated

Limited information disclosure if Bluetooth is disabled or proper network segmentation is in place.

🌐 Internet-Facing: LOW - Requires Bluetooth proximity, not internet connectivity.
🏢 Internal Only: MEDIUM - Requires physical proximity: the attacker's device must be within Bluetooth range of internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction (connecting to a malicious device) and network adjacency. Code execution would require combining this flaw with other vulnerabilities.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check your Linux distribution's security updates for BlueZ patches

Vendor Advisory: https://www.zerodayinitiative.com/advisories/ZDI-23-1905/

Restart Required: Yes

Instructions:

1. Update BlueZ package via your distribution's package manager.
2. Restart Bluetooth service or reboot system.
3. Verify the update was applied.

🔧 Temporary Workarounds

Disable Bluetooth

linux

Completely disable Bluetooth to prevent exploitation

sudo systemctl stop bluetooth
sudo systemctl disable bluetooth

Disable AVRCP Profile

linux

Disable the vulnerable AVRCP profile while keeping Bluetooth functional

Modify /etc/bluetooth/main.conf to remove or comment out AVRCP support

🧯 If You Can't Patch

  • Disable Bluetooth completely on affected systems
  • Implement strict Bluetooth device pairing policies and only allow trusted devices

🔍 How to Verify

Check if Vulnerable:

Check BlueZ version: bluetoothctl --version or dpkg -l | grep bluez

Check Version:

bluetoothctl --version

Verify Fix Applied:

Verify BlueZ version is updated and check for CVE-2023-51592 in vulnerability scans

📡 Detection & Monitoring

Log Indicators:

  • Unusual Bluetooth connection attempts
  • AVRCP protocol errors in Bluetooth logs

Network Indicators:

  • Suspicious Bluetooth device connections
  • AVRCP traffic from unknown devices

SIEM Query:

source="bluetooth" AND (event="connection" OR event="avrcp") AND device_name="*malicious*"
