CVE-2022-0204: 
NixOS vulnerability analysis and mitigation

A heap overflow vulnerability (CVE-2022-0204) was discovered in BlueZ versions prior to 5.63. The vulnerability was found in the implementation of the GATT protocol, affecting the Bluetooth stack on Linux systems (NVD, CVE).

The vulnerability is caused by an integer overflow in the GATT protocol implementation when appending prepare writes. The issue occurs in the prepare write functionality where insufficient length checks allow for a heap overflow condition. The vulnerability has a CVSS 3.1 base score of 8.8 (High), requiring adjacent network access with no authentication needed (Ubuntu, GitHub Advisory).

An attacker with local network access could exploit this vulnerability by passing specially crafted files, causing an application to halt or crash, leading to a denial of service. Some researchers have suggested that under specific conditions, this vulnerability could potentially lead to remote code execution in user mode when combined with other vulnerabilities (GitHub Advisory, Debian).

The vulnerability has been fixed in BlueZ version 5.63 and later. The fix includes additional length checks when appending prepare writes to prevent the integer overflow condition. Users and administrators are advised to upgrade to the patched version. The fix was implemented through a commit that adds proper length validation checks (GitHub Commit, Gentoo).