Описание
Security update for bluez
This update for bluez fixes the following issues:
- CVE-2020-27153: Fixed possible crash on disconnect (bsc#1177895).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP1
libbluetooth3-5.48-5.28.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
bluez-5.48-5.28.1
bluez-devel-5.48-5.28.1
SUSE Linux Enterprise Workstation Extension 15 SP1
bluez-cups-5.48-5.28.1
Ссылки
- Link for SUSE-SU-2020:3165-1
- E-Mail link for SUSE-SU-2020:3165-1
- SUSE Security Ratings
- SUSE Bug 1177895
- SUSE CVE CVE-2020-27153 page
Описание
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP1:libbluetooth3-5.48-5.28.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:bluez-5.48-5.28.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:bluez-devel-5.48-5.28.1
SUSE Linux Enterprise Workstation Extension 15 SP1:bluez-cups-5.48-5.28.1
Ссылки
- CVE-2020-27153
- SUSE Bug 1177895