rpm package
suse/bluez&distro=SUSE Linux Enterprise Micro 5.4
pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Micro%205.4
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-50230 | — | < 5.62-150400.4.19.1 | 5.62-150400.4.19.1 | May 3, 2024 | BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that th | ||
| CVE-2023-50229 | — | < 5.62-150400.4.19.1 | 5.62-150400.4.19.1 | May 3, 2024 | BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that th | ||
| CVE-2023-27349 | — | < 5.62-150400.4.13.1 | 5.62-150400.4.13.1 | May 3, 2024 | BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerab | ||
| CVE-2023-45866 | — | < 5.62-150400.4.22.1 | 5.62-150400.4.22.1 | Dec 8, 2023 | Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to | ||
| CVE-2021-41229 | — | < 5.62-150400.4.16.1 | 5.62-150400.4.16.1 | Nov 12, 2021 | BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be |
- CVE-2023-50230May 3, 2024affected < 5.62-150400.4.19.1fixed 5.62-150400.4.19.1
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that th
- CVE-2023-50229May 3, 2024affected < 5.62-150400.4.19.1fixed 5.62-150400.4.19.1
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that th
- CVE-2023-27349May 3, 2024affected < 5.62-150400.4.13.1fixed 5.62-150400.4.13.1
BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerab
- CVE-2023-45866Dec 8, 2023affected < 5.62-150400.4.22.1fixed 5.62-150400.4.22.1
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to
- CVE-2021-41229Nov 12, 2021affected < 5.62-150400.4.16.1fixed 5.62-150400.4.16.1
BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be