ALT-PU-2022-4436-1
Package bluez updated to version 5.64-alt1 for branch sisyphus_mipsel.
Closed vulnerabilities
Published: 2021-06-08
BDU:2022-05666
Уязвимость реализации протокола GATT (Generic ATTribute Profile) стека протоколов Bluetooth для ОС Linux BlueZ, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (8.8)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-03-10
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-0204
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
Severity: HIGH (8.8)
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2039807
- https://bugzilla.redhat.com/show_bug.cgi?id=2039807
- https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0
- https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0
- https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q
- https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q
- [debian-lts-announce] 20221024 [SECURITY] [DLA 3157-1] bluez security update
- [debian-lts-announce] 20221024 [SECURITY] [DLA 3157-1] bluez security update
- GLSA-202209-16
- GLSA-202209-16