openSUSE-SU-2020:1876-1

Опубликовано: 08 нояб. 2020

Источник: suse-cvrf

Описание

Security update for bluez

This update for bluez fixes the following issues:

CVE-2020-27153: Fixed possible crash on disconnect (bsc#1177895).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.1

bluez-5.48-lp151.8.15.1

bluez-auto-enable-devices-5.48-lp151.8.15.1

bluez-cups-5.48-lp151.8.15.1

bluez-devel-5.48-lp151.8.15.1

bluez-devel-32bit-5.48-lp151.8.15.1

bluez-test-5.48-lp151.8.15.1

libbluetooth3-5.48-lp151.8.15.1

libbluetooth3-32bit-5.48-lp151.8.15.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BB5UDM6QQQT6VWNYJOL6RFHSCCBGZ5N6/
E-Mail link for openSUSE-SU-2020:1876-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1177895
SUSE Bug 1177895
https://www.suse.com/security/cve/CVE-2020-27153/
SUSE CVE CVE-2020-27153 page

Описание

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.

Затронутые продукты

openSUSE Leap 15.1:bluez-5.48-lp151.8.15.1

openSUSE Leap 15.1:bluez-auto-enable-devices-5.48-lp151.8.15.1

openSUSE Leap 15.1:bluez-cups-5.48-lp151.8.15.1

openSUSE Leap 15.1:bluez-devel-32bit-5.48-lp151.8.15.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-27153.html
CVE-2020-27153
https://bugzilla.suse.com/1177895
SUSE Bug 1177895

openSUSE-SU-2020:1876-1

Описание

Список пакетов

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2020-27153

Описание

Затронутые продукты

Ссылки