Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:1778-1

Опубликовано: 21 июн. 2018
Источник: suse-cvrf

Описание

Security update for bluez

This update for bluez fixes the following issues:

Security issues fixed:

  • CVE-2016-9800: Fix hcidump memory leak in pin_code_reply_dump() (bsc#1013721).
  • CVE-2016-9804: Fix hcidump buffer overflow in commands_dump() (bsc#1013877).
  • CVE-2016-7837: Fix possible buffer overflow, make sure we don't write past the end of the array (bsc#1026652).
  • CVE-2017-1000250: Fix information disclosure vulnerability in service_search_attr_req (bsc#1057342).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3
bluez-5.13-5.4.1
bluez-cups-5.13-5.4.1
libbluetooth3-5.13-5.4.1
SUSE Linux Enterprise Server 12 SP3
bluez-5.13-5.4.1
libbluetooth3-5.13-5.4.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
bluez-5.13-5.4.1
libbluetooth3-5.13-5.4.1
SUSE Linux Enterprise Software Development Kit 12 SP3
bluez-devel-5.13-5.4.1
SUSE Linux Enterprise Workstation Extension 12 SP3
bluez-cups-5.13-5.4.1

Ссылки

Описание

Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:bluez-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:bluez-cups-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:libbluetooth3-5.13-5.4.1
SUSE Linux Enterprise Server 12 SP3:bluez-5.13-5.4.1
Ссылки

Описание

In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:bluez-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:bluez-cups-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:libbluetooth3-5.13-5.4.1
SUSE Linux Enterprise Server 12 SP3:bluez-5.13-5.4.1
Ссылки

Описание

In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:bluez-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:bluez-cups-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:libbluetooth3-5.13-5.4.1
SUSE Linux Enterprise Server 12 SP3:bluez-5.13-5.4.1
Ссылки

Описание

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:bluez-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:bluez-cups-5.13-5.4.1
SUSE Linux Enterprise Desktop 12 SP3:libbluetooth3-5.13-5.4.1
SUSE Linux Enterprise Server 12 SP3:bluez-5.13-5.4.1
Ссылки
Уязвимость SUSE-SU-2018:1778-1