Описание
Security update for bluez
This update for bluez fixes the following issues:
- CVE-2021-3588: Fixed a missing bounds checks inside cli_feat_read_cb() function in src/gatt-database.c (bsc#1187165)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP3
bluez-5.55-3.6.1
libbluetooth3-5.55-3.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
bluez-devel-5.55-3.6.1
SUSE Linux Enterprise Workstation Extension 15 SP3
bluez-cups-5.55-3.6.1
Ссылки
- Link for SUSE-SU-2021:2459-1
- E-Mail link for SUSE-SU-2021:2459-1
- SUSE Security Ratings
- SUSE Bug 1187165
- SUSE CVE CVE-2021-3588 page
Описание
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP3:bluez-5.55-3.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP3:libbluetooth3-5.55-3.6.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:bluez-devel-5.55-3.6.1
SUSE Linux Enterprise Workstation Extension 15 SP3:bluez-cups-5.55-3.6.1
Ссылки
- CVE-2021-3588
- SUSE Bug 1187165