Описание
Security update for bluez
This update for bluez fixes the following issues:
Security issues fixed:
- CVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).
- CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).
- CVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Workstation Extension 15
Ссылки
- Link for SUSE-SU-2019:1353-1
- E-Mail link for SUSE-SU-2019:1353-1
- SUSE Security Ratings
- SUSE Bug 1013708
- SUSE Bug 1013712
- SUSE Bug 1013893
- SUSE Bug 1015171
- SUSE CVE CVE-2016-9797 page
- SUSE CVE CVE-2016-9798 page
- SUSE CVE CVE-2016-9802 page
- SUSE CVE CVE-2016-9917 page
Описание
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Затронутые продукты
Ссылки
- CVE-2016-9797
- SUSE Bug 1013708
- SUSE Bug 1013712
Описание
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Затронутые продукты
Ссылки
- CVE-2016-9798
- SUSE Bug 1013708
- SUSE Bug 1013712
- SUSE Bug 1013732
Описание
In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
Затронутые продукты
Ссылки
- CVE-2016-9802
- SUSE Bug 1013893
- SUSE Bug 1015173
Описание
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Затронутые продукты
Ссылки
- CVE-2016-9917
- SUSE Bug 1015171