Описание
Security update for bluez
This update for bluez fixes the following issues:
- CVE-2022-39176: Fixed a memory safety issue that could allow physically proximate attackers to obtain sensitive information (bsc#1203121).
- CVE-2022-39177: Fixed a memory safety issue that could allow physically proximate attackers to cause a denial of service (bsc#1203120).
Список пакетов
SUSE Enterprise Storage 7.1
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
bluez-devel-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
bluez-devel-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
bluez-devel-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Linux Enterprise Real Time 15 SP3
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
bluez-devel-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Linux Enterprise Server 15 SP3-LTSS
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
bluez-devel-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
bluez-devel-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Manager Proxy 4.2
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Manager Retail Branch Server 4.2
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
SUSE Manager Server 4.2
bluez-5.55-150300.3.19.1
bluez-deprecated-5.55-150300.3.19.1
libbluetooth3-5.55-150300.3.19.1
Ссылки
- Link for SUSE-SU-2023:0168-1
- E-Mail link for SUSE-SU-2023:0168-1
- SUSE Security Ratings
- SUSE Bug 1203120
- SUSE Bug 1203121
- SUSE CVE CVE-2022-39176 page
- SUSE CVE CVE-2022-39177 page
Описание
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.
Затронутые продукты
SUSE Enterprise Storage 7.1:bluez-5.55-150300.3.19.1
SUSE Enterprise Storage 7.1:bluez-deprecated-5.55-150300.3.19.1
SUSE Enterprise Storage 7.1:bluez-devel-5.55-150300.3.19.1
SUSE Enterprise Storage 7.1:libbluetooth3-5.55-150300.3.19.1
Ссылки
- CVE-2022-39176
- SUSE Bug 1203121
Описание
BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.
Затронутые продукты
SUSE Enterprise Storage 7.1:bluez-5.55-150300.3.19.1
SUSE Enterprise Storage 7.1:bluez-deprecated-5.55-150300.3.19.1
SUSE Enterprise Storage 7.1:bluez-devel-5.55-150300.3.19.1
SUSE Enterprise Storage 7.1:libbluetooth3-5.55-150300.3.19.1
Ссылки
- CVE-2022-39177
- SUSE Bug 1203120