Описание
Security update for bluez
This update for bluez fixes the following issues:
- CVE-2019-8921: Fixed heap-based buffer overflow via crafted request (bsc#1193237).
- CVE-2016-9803: Fixed memory leak (bsc#1013885).
Список пакетов
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 12 SP5
SUSE Linux Enterprise Workstation Extension 12 SP5
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 9
Ссылки
- Link for SUSE-SU-2022:3718-1
- E-Mail link for SUSE-SU-2022:3718-1
- SUSE Security Ratings
- SUSE Bug 1013885
- SUSE Bug 1193237
- SUSE CVE CVE-2016-9803 page
- SUSE CVE CVE-2019-8921 page
Описание
In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.
Затронутые продукты
Ссылки
- CVE-2016-9803
- SUSE Bug 1013885
Описание
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrary heap data. The root cause can be found in the function service_attr_req of sdpd-request.c. The server does not check whether the CSTATE data is the same in consecutive requests, and instead simply trusts that it is the same.
Затронутые продукты
Ссылки
- CVE-2019-8921
- SUSE Bug 1193237