Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:2915-1

Опубликовано: 07 нояб. 2019
Источник: suse-cvrf

Описание

Security update for bluez

This update for bluez fixes the following issue:

  • CVE-2016-9798: Fixed a use-after-free in conf_opt (bsc#1013712).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP4
bluez-5.13-5.15.3
bluez-cups-5.13-5.15.3
libbluetooth3-5.13-5.15.3
SUSE Linux Enterprise Server 12 SP4
bluez-5.13-5.15.3
libbluetooth3-5.13-5.15.3
SUSE Linux Enterprise Server 12 SP5
bluez-5.13-5.15.3
libbluetooth3-5.13-5.15.3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
bluez-5.13-5.15.3
libbluetooth3-5.13-5.15.3
SUSE Linux Enterprise Server for SAP Applications 12 SP5
bluez-5.13-5.15.3
libbluetooth3-5.13-5.15.3
SUSE Linux Enterprise Software Development Kit 12 SP4
bluez-devel-5.13-5.15.3
SUSE Linux Enterprise Software Development Kit 12 SP5
bluez-devel-5.13-5.15.3
SUSE Linux Enterprise Workstation Extension 12 SP4
bluez-cups-5.13-5.15.3
SUSE Linux Enterprise Workstation Extension 12 SP5
bluez-cups-5.13-5.15.3

Ссылки

Описание

In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP4:bluez-5.13-5.15.3
SUSE Linux Enterprise Desktop 12 SP4:bluez-cups-5.13-5.15.3
SUSE Linux Enterprise Desktop 12 SP4:libbluetooth3-5.13-5.15.3
SUSE Linux Enterprise Server 12 SP4:bluez-5.13-5.15.3
Ссылки