vulnerability

Debian: CVE-2018-5383: firmware-nonfree -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:A/AC:M/Au:N/C:P/I:P/A:N)	Aug 7, 2018	Apr 2, 2019	Aug 15, 2025

Severity

CVSS

(AV:A/AC:M/Au:N/C:P/I:P/A:N)

Published

Aug 7, 2018

Added

Apr 2, 2019

Modified

Aug 15, 2025

Description

Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.

Solution

debian-upgrade-firmware-nonfree

References

CVE-2018-5383
https://attackerkb.com/topics/CVE-2018-5383
CWE-325
CWE-347
DEBIAN-DLA-1747-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today