ALT-PU-2023-8735-1

Package update bluez in branch sisyphus

Version: 5.69-alt1
Published: 2023-09-05
Max severity: HIGH

Closed issues (14)

BDU:2024-01454
HIGH 7.1

A vulnerability in the AVRCP protocol implementation of BlueZ, the Bluetooth protocol stack for Linux, that allows an attacker to execute arbitrary code with root privileges

Published: 2024-02-20 Modified: 2025-11-19
CVSS 3.x: HIGH 7.1
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0: MEDIUM 6.8
CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:C/A:C
BDU:2024-03543
HIGH 7.1

A vulnerability in the code of the Audio Profile AVRCP component of BlueZ, the Bluetooth protocol stack for Linux, that allows an attacker to execute arbitrary code

Published: 2024-05-07 Modified: 2026-03-10
CVSS 3.x: HIGH 7.1
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0: MEDIUM 6.8
CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:C/A:C
BDU:2024-03559
HIGH 7.1

A vulnerability in the code of the Audio Profile AVRCP component of BlueZ, the Bluetooth protocol stack for Linux, that allows an attacker to execute arbitrary code

Published: 2024-05-07 Modified: 2026-03-10
CVSS 3.x: HIGH 7.1
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0: MEDIUM 6.8
CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:C/A:C
BDU:2025-16166
MEDIUM 5.4

A vulnerability in the AVRCP protocol implementation of BlueZ, the Bluetooth protocol stack for Linux, that allows an attacker to bypass existing security restrictions

Published: 2025-12-22
CVSS 3.x: MEDIUM 5.4
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L
CVSS 2.0: LOW 1.8
CVSS:2.0/AV:A/AC:H/Au:N/C:N/I:N/A:P
BDU:2025-16168
MEDIUM 5.4

A vulnerability in the AVRCP protocol implementation of BlueZ, the Bluetooth protocol stack for Linux, that allows an attacker to bypass existing security restrictions

Published: 2025-12-22 Modified: 2026-03-10
CVSS 3.x: MEDIUM 5.4
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L
CVSS 2.0: MEDIUM 5.3
CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:N/A:P
BDU:2025-16169
MEDIUM 5.4

A vulnerability in the Audio Profile AVRCP component of BlueZ, the Bluetooth protocol stack for Linux, that allows an attacker to gain unauthorized access to protected information

Published: 2025-12-22 Modified: 2026-03-10
CVSS 3.x: MEDIUM 5.4
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L
CVSS 2.0: MEDIUM 5.3
CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:N/A:P
BDU:2025-16170
LOW 2.6

A vulnerability in the OBEX implementation of BlueZ, the Bluetooth protocol stack for Linux, that allows an attacker to cause a denial of service

Published: 2025-12-22 Modified: 2026-03-10
CVSS 3.x: LOW 2.6
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CVSS 2.0: LOW 1.8
CVSS:2.0/AV:A/AC:H/Au:N/C:P/I:N/A:N
CVE-2023-27349
HIGH 8.0

BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19908.

Published: 2024-05-03 Modified: 2025-11-04
CVSS 3.x: HIGH 8.0
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-44431
HIGH 8.0

BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19909.

Published: 2024-05-03 Modified: 2025-07-08
CVSS 3.x: HIGH 8.0
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-51580
MEDIUM 5.7

BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20852.

Published: 2024-05-03 Modified: 2025-07-09
CVSS 3.x: MEDIUM 5.7
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2023-51589
MEDIUM 5.7

BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20853.

Published: 2024-05-03 Modified: 2025-07-08
CVSS 3.x: MEDIUM 5.7
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2023-51592
MEDIUM 5.7

BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20854.

Published: 2024-05-03 Modified: 2025-07-08
CVSS 3.x: MEDIUM 5.7
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2023-51594
MEDIUM 5.7

BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of OBEX protocol parameters. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20937.

Published: 2024-05-03 Modified: 2025-07-08
CVSS 3.x: MEDIUM 5.7
CVSS:3.x/CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2023-51596
HIGH 7.1

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20939.

Published: 2024-05-03 Modified: 2025-07-08
CVSS 3.x: HIGH 7.1
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H