Gentoo Linux Security Advisory GLSA 200903-29 – Insufficient input validation in BlueZ may lead to arbitrary code execution or a Denial of Service. It has been reported that the Bluetooth packet parser does not validate string length fields in SDP packets. Versions less than 3.36 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/75770/glsa-200903-29.txt
Source: https://packetstormsecurity.com/files/75770/Gentoo-Linux-Security-Advisory-200903-29.html