rpm package
opensuse/bluez&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/bluez&distro=openSUSE%20Leap%2015.3
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0204 | Hig | 8.8 | < 5.55-150300.3.11.1 | 5.55-150300.3.11.1 | Mar 10, 2022 | A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | |
| CVE-2021-3658 | Med | 6.5 | < 5.55-150300.3.14.1 | 5.55-150300.3.14.1 | Mar 2, 2022 | bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the blue | |
| CVE-2021-43400 | — | < 5.55-150300.3.14.1 | 5.55-150300.3.14.1 | Nov 4, 2021 | An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. | ||
| CVE-2021-3588 | — | < 5.55-3.6.1 | 5.55-3.6.1 | Jun 10, 2021 | The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | ||
| CVE-2021-0129 | — | < 5.55-3.3.1 | 5.55-3.3.1 | Jun 9, 2021 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||
| CVE-2020-26558 | — | < 5.55-3.3.1 | 5.55-3.3.1 | May 24, 2021 | Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide |
- affected < 5.55-150300.3.11.1fixed 5.55-150300.3.11.1
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
- affected < 5.55-150300.3.14.1fixed 5.55-150300.3.14.1
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the blue
- CVE-2021-43400Nov 4, 2021affected < 5.55-150300.3.14.1fixed 5.55-150300.3.14.1
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.
- CVE-2021-3588Jun 10, 2021affected < 5.55-3.6.1fixed 5.55-3.6.1
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
- CVE-2021-0129Jun 9, 2021affected < 5.55-3.3.1fixed 5.55-3.3.1
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
- CVE-2020-26558May 24, 2021affected < 5.55-3.3.1fixed 5.55-3.3.1
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide