Описание
Security update for bluez
This update for bluez fixes the following issues:
- CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
libbluetooth3-5.48-5.19.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
libbluetooth3-5.48-5.19.1
SUSE Linux Enterprise Module for Desktop Applications 15
bluez-5.48-5.19.1
bluez-devel-5.48-5.19.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
bluez-5.48-5.19.1
bluez-devel-5.48-5.19.1
SUSE Linux Enterprise Workstation Extension 15
bluez-cups-5.48-5.19.1
SUSE Linux Enterprise Workstation Extension 15 SP1
bluez-cups-5.48-5.19.1
Ссылки
- Link for SUSE-SU-2019:3046-1
- E-Mail link for SUSE-SU-2019:3046-1
- SUSE Security Ratings
- SUSE Bug 1013712
- SUSE CVE CVE-2016-9798 page
Описание
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP1:libbluetooth3-5.48-5.19.1
SUSE Linux Enterprise Module for Basesystem 15:libbluetooth3-5.48-5.19.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:bluez-5.48-5.19.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:bluez-devel-5.48-5.19.1
Ссылки
- CVE-2016-9798
- SUSE Bug 1013708
- SUSE Bug 1013712
- SUSE Bug 1013732