Описание
Security update for bluez
This update for bluez fixes the following issues:
- CVE-2022-0204: Fixed a buffer overflow in the implementation of the gatt protocol (bsc#1194704).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP3
bluez-5.55-150300.3.11.1
bluez-deprecated-5.55-150300.3.11.1
libbluetooth3-5.55-150300.3.11.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
bluez-devel-5.55-150300.3.11.1
SUSE Linux Enterprise Workstation Extension 15 SP3
bluez-cups-5.55-150300.3.11.1
openSUSE Leap 15.3
bluez-5.55-150300.3.11.1
bluez-auto-enable-devices-5.55-150300.3.11.1
bluez-cups-5.55-150300.3.11.1
bluez-deprecated-5.55-150300.3.11.1
bluez-devel-5.55-150300.3.11.1
bluez-devel-32bit-5.55-150300.3.11.1
bluez-test-5.55-150300.3.11.1
libbluetooth3-5.55-150300.3.11.1
libbluetooth3-32bit-5.55-150300.3.11.1
Ссылки
- Link for SUSE-SU-2022:2883-1
- E-Mail link for SUSE-SU-2022:2883-1
- SUSE Security Ratings
- SUSE Bug 1194704
- SUSE CVE CVE-2022-0204 page
Описание
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP3:bluez-5.55-150300.3.11.1
SUSE Linux Enterprise Module for Basesystem 15 SP3:bluez-deprecated-5.55-150300.3.11.1
SUSE Linux Enterprise Module for Basesystem 15 SP3:libbluetooth3-5.55-150300.3.11.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3:bluez-devel-5.55-150300.3.11.1
Ссылки
- CVE-2022-0204
- SUSE Bug 1194704