openSUSE-SU-2021:2459-1

Опубликовано: 22 июл. 2021

Источник: suse-cvrf

Описание

Security update for bluez

This update for bluez fixes the following issues:

CVE-2021-3588: Fixed a missing bounds checks inside cli_feat_read_cb() function in src/gatt-database.c (bsc#1187165)

Список пакетов

openSUSE Leap 15.3

bluez-5.55-3.6.1

bluez-auto-enable-devices-5.55-3.6.1

bluez-cups-5.55-3.6.1

bluez-deprecated-5.55-3.6.1

bluez-devel-5.55-3.6.1

bluez-devel-32bit-5.55-3.6.1

bluez-test-5.55-3.6.1

libbluetooth3-5.55-3.6.1

libbluetooth3-32bit-5.55-3.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FD7KE3RMFCUKN7TQCYXDCNJGFVIORKJL/
E-Mail link for openSUSE-SU-2021:2459-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1187165
SUSE Bug 1187165
https://www.suse.com/security/cve/CVE-2021-3588/
SUSE CVE CVE-2021-3588 page

Описание

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

Затронутые продукты

openSUSE Leap 15.3:bluez-5.55-3.6.1

openSUSE Leap 15.3:bluez-auto-enable-devices-5.55-3.6.1

openSUSE Leap 15.3:bluez-cups-5.55-3.6.1

openSUSE Leap 15.3:bluez-deprecated-5.55-3.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3588.html
CVE-2021-3588
https://bugzilla.suse.com/1187165
SUSE Bug 1187165

openSUSE-SU-2021:2459-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-3588

Описание

Затронутые продукты

Ссылки