{"id":"CVE-2020-27153","details":"In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.","modified":"2026-04-16T00:07:04.780066170Z","published":"2020-10-15T03:15:12.120Z","related":["ALSA-2021:1598","SUSE-SU-2020:3034-1","SUSE-SU-2020:3165-1","openSUSE-SU-2020:1876-1","openSUSE-SU-2020:1880-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","cpe":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"10.0"}]},{"source":"CPE_FIELD","cpe":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"9.0"}]},{"source":"CPE_FIELD","cpe":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"15.1"}]},{"source":"CPE_FIELD","cpe":"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*","extracted_events":[{"last_affected":"15.2"}]}]},"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00034.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00036.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/10/msg00022.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202011-01"},{"type":"ADVISORY","url":"https://www.debian.org/security/2021/dsa-4951"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1884817"},{"type":"FIX","url":"https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a"},{"type":"FIX","url":"https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bluez/bluez","events":[{"introduced":"0"},{"fixed":"5a180f2ec9edfacafd95e5fed20d36fe8e077f07"},{"fixed":"1cd644db8c23a2f530ddb93cebed7dacc5f5721a"}],"database_specific":{"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"5.55"}]}}],"versions":["4.0","4.1","4.10","4.100","4.101","4.11","4.12","4.13","4.14","4.15","4.16","4.17","4.18","4.19","4.2","4.20","4.21","4.22","4.23","4.24","4.25","4.26","4.27","4.28","4.29","4.30","4.31","4.32","4.33","4.34","4.35","4.36","4.37","4.38","4.39","4.40","4.41","4.42","4.43","4.44","4.45","4.46","4.47","4.48","4.49","4.5","4.50","4.51","4.52","4.53","4.54","4.55","4.56","4.57","4.58","4.59","4.6","4.60","4.61","4.62","4.63","4.64","4.65","4.66","4.67","4.68","4.69","4.7","4.70","4.71","4.72","4.73","4.74","4.75","4.76","4.77","4.78","4.79","4.8","4.80","4.81","4.82","4.83","4.84","4.85","4.86","4.87","4.88","4.89","4.9","4.90","4.91","4.92","4.93","4.94","4.95","4.96","4.97","4.98","4.99","5.0","5.1","5.10","5.11","5.12","5.13","5.14","5.15","5.16","5.17","5.18","5.19","5.2","5.20","5.21","5.22","5.23","5.24","5.25","5.26","5.27","5.28","5.29","5.3","5.30","5.31","5.32","5.33","5.34","5.35","5.36","5.37","5.38","5.39","5.4","5.40","5.41","5.42","5.43","5.44","5.45","5.46","5.47","5.48","5.49","5.5","5.50","5.51","5.52","5.53","5.54","5.6","5.7","5.8","5.9"],"database_specific":{"vanir_signatures_modified":"2026-04-12T00:37:50Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-27153.json","vanir_signatures":[{"signature_version":"v1","digest":{"line_hashes":["193031578723794859252025779680268025050","328489074626764670051532720376588187963","234780927341935949843624079351461986700","315667152069755274390545420421362562734","135989866379935825391429829556551430383","159111306259249961601994318252371408006","133457257734803768519132419718574797765","158108262920956119807404915421559473776","254205889322255188941922808524596469852","328180784454490762655644906709495665121","3509613340198738847501478267685258168","216061193566643570294522832304722192320","100307739094877673628949319102881601483","165653913577279199058309468338404586834","236085318238112343811746810732155052492","20473985302098799622098429475406693735","127270796435307027120357940523067201530","74521990784890663215507818586454338326","207218834111476324065311991714828591242","276679355697489795698190647522775802440","97412044546354208512225428254390029890","10550507841831675259749901203115382645","158710138297906037179770610129074560535","154523380595998693114353828452535992602"],"threshold":0.9},"id":"CVE-2020-27153-5c9af719","source":"https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a","deprecated":false,"target":{"file":"src/shared/att.c"},"signature_type":"Line"},{"signature_version":"v1","digest":{"function_hash":"251085821085271362817089067465857009678","length":665},"id":"CVE-2020-27153-5dcc1a0f","source":"https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a","deprecated":false,"target":{"function":"bt_att_cancel","file":"src/shared/att.c"},"signature_type":"Function"},{"signature_version":"v1","digest":{"function_hash":"331238215432473323968595143202019330246","length":1133},"id":"CVE-2020-27153-5debd5f7","source":"https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a","deprecated":false,"target":{"function":"disconnect_cb","file":"src/shared/att.c"},"signature_type":"Function"},{"signature_version":"v1","digest":{"function_hash":"217313407953137803246294354082360522010","length":190},"id":"CVE-2020-27153-62583467","source":"https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a","deprecated":false,"target":{"function":"cancel_att_send_op","file":"src/shared/att.c"},"signature_type":"Function"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}]}