Описание
Security update for bluez
This update for bluez fixes the following issues:
- CVE-2022-0204: Fixed check if the prepare writes would append more than the allowed maximum attribute length (bsc#1194704).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP4
bluez-5.62-150400.4.5.1
bluez-deprecated-5.62-150400.4.5.1
libbluetooth3-5.62-150400.4.5.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4
bluez-devel-5.62-150400.4.5.1
SUSE Linux Enterprise Workstation Extension 15 SP4
bluez-cups-5.62-150400.4.5.1
openSUSE Leap 15.4
bluez-5.62-150400.4.5.1
bluez-auto-enable-devices-5.62-150400.4.5.1
bluez-cups-5.62-150400.4.5.1
bluez-deprecated-5.62-150400.4.5.1
bluez-devel-5.62-150400.4.5.1
bluez-devel-32bit-5.62-150400.4.5.1
bluez-test-5.62-150400.4.5.1
libbluetooth3-5.62-150400.4.5.1
libbluetooth3-32bit-5.62-150400.4.5.1
Ссылки
- Link for SUSE-SU-2022:3247-1
- E-Mail link for SUSE-SU-2022:3247-1
- SUSE Security Ratings
- SUSE Bug 1194704
- SUSE CVE CVE-2022-0204 page
Описание
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP4:bluez-5.62-150400.4.5.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:bluez-deprecated-5.62-150400.4.5.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:libbluetooth3-5.62-150400.4.5.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP4:bluez-devel-5.62-150400.4.5.1
Ссылки
- CVE-2022-0204
- SUSE Bug 1194704