CVE-2022-39176 Information

Description

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.

Reference

https://ubuntu.com/security/notices/USN-5481-1 https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1977968