Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:0166-1

Опубликовано: 26 янв. 2023
Источник: suse-cvrf

Описание

Security update for bluez

This update for bluez fixes the following issues:

  • CVE-2022-39176: Fixed a memory safety issue that could allow physically proximate attackers to obtain sensitive information (bsc#1203121).
  • CVE-2022-39177: Fixed a memory safety issue that could allow physically proximate attackers to cause a denial of service (bsc#1203120).

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL
bluez-5.13-5.36.1
libbluetooth3-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP4-LTSS
bluez-5.13-5.36.1
libbluetooth3-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP5
bluez-5.13-5.36.1
libbluetooth3-5.13-5.36.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
bluez-5.13-5.36.1
libbluetooth3-5.13-5.36.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
bluez-5.13-5.36.1
libbluetooth3-5.13-5.36.1
SUSE Linux Enterprise Software Development Kit 12 SP5
bluez-devel-5.13-5.36.1
SUSE Linux Enterprise Workstation Extension 12 SP5
bluez-cups-5.13-5.36.1
SUSE OpenStack Cloud 9
bluez-5.13-5.36.1
libbluetooth3-5.13-5.36.1
SUSE OpenStack Cloud Crowbar 9
bluez-5.13-5.36.1
libbluetooth3-5.13-5.36.1

Ссылки

Описание

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:bluez-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP2-BCL:libbluetooth3-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP4-LTSS:bluez-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP4-LTSS:libbluetooth3-5.13-5.36.1
Ссылки

Описание

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:bluez-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP2-BCL:libbluetooth3-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP4-LTSS:bluez-5.13-5.36.1
SUSE Linux Enterprise Server 12 SP4-LTSS:libbluetooth3-5.13-5.36.1
Ссылки