Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:0156-1

Опубликовано: 26 янв. 2023
Источник: suse-cvrf

Описание

Security update for bluez

This update for bluez fixes the following issues:

  • CVE-2022-39176: Fixed a memory safety issue that could allow physically proximate attackers to obtain sensitive information (bsc#1203121).
  • CVE-2022-39177: Fixed a memory safety issue that could allow physically proximate attackers to cause a denial of service (bsc#1203120).

Список пакетов

SUSE Enterprise Storage 7
bluez-5.48-150200.13.22.1
bluez-devel-5.48-150200.13.22.1
libbluetooth3-5.48-150200.13.22.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
bluez-5.48-150200.13.22.1
bluez-devel-5.48-150200.13.22.1
libbluetooth3-5.48-150200.13.22.1
SUSE Linux Enterprise Server 15 SP2-LTSS
bluez-5.48-150200.13.22.1
bluez-devel-5.48-150200.13.22.1
libbluetooth3-5.48-150200.13.22.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
bluez-5.48-150200.13.22.1
bluez-devel-5.48-150200.13.22.1
libbluetooth3-5.48-150200.13.22.1

Ссылки

Описание

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.

Затронутые продукты
SUSE Enterprise Storage 7:bluez-5.48-150200.13.22.1
SUSE Enterprise Storage 7:bluez-devel-5.48-150200.13.22.1
SUSE Enterprise Storage 7:libbluetooth3-5.48-150200.13.22.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bluez-5.48-150200.13.22.1
Ссылки

Описание

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.

Затронутые продукты
SUSE Enterprise Storage 7:bluez-5.48-150200.13.22.1
SUSE Enterprise Storage 7:bluez-devel-5.48-150200.13.22.1
SUSE Enterprise Storage 7:libbluetooth3-5.48-150200.13.22.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:bluez-5.48-150200.13.22.1
Ссылки