rpm package
suse/bluez&distro=SUSE Linux Enterprise Server 15 SP1-BCL
pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0204 | Hig | 8.8 | < 5.48-150000.5.31.1 | 5.48-150000.5.31.1 | Mar 10, 2022 | A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | |
| CVE-2021-3658 | Med | 6.5 | < 5.48-150000.5.41.1 | 5.48-150000.5.41.1 | Mar 2, 2022 | bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the blue | |
| CVE-2019-8922 | Hig | 8.8 | < 5.48-150000.5.34.1 | 5.48-150000.5.34.1 | Nov 29, 2021 | A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to th | |
| CVE-2019-8921 | Med | 6.5 | < 5.48-150000.5.41.1 | 5.48-150000.5.41.1 | Nov 29, 2021 | An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting | |
| CVE-2021-43400 | — | < 5.48-150000.5.41.1 | 5.48-150000.5.41.1 | Nov 4, 2021 | An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. | ||
| CVE-2021-0129 | — | < 5.48-150000.5.41.1 | 5.48-150000.5.41.1 | Jun 9, 2021 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||
| CVE-2020-26558 | — | < 5.48-150000.5.41.1 | 5.48-150000.5.41.1 | May 24, 2021 | Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide |
- affected < 5.48-150000.5.31.1fixed 5.48-150000.5.31.1
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
- affected < 5.48-150000.5.41.1fixed 5.48-150000.5.41.1
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the blue
- affected < 5.48-150000.5.34.1fixed 5.48-150000.5.34.1
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to th
- affected < 5.48-150000.5.41.1fixed 5.48-150000.5.41.1
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting
- CVE-2021-43400Nov 4, 2021affected < 5.48-150000.5.41.1fixed 5.48-150000.5.41.1
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.
- CVE-2021-0129Jun 9, 2021affected < 5.48-150000.5.41.1fixed 5.48-150000.5.41.1
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
- CVE-2020-26558May 24, 2021affected < 5.48-150000.5.41.1fixed 5.48-150000.5.41.1
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evide