rpm package
suse/bluez&distro=SUSE Linux Enterprise Workstation Extension 12 SP4
pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-9853 | — | < 5.13-5.20.6 | 5.13-5.20.6 | Sep 27, 2019 | LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categori | ||
| CVE-2016-9918 | Hig | 7.5 | < 5.13-5.12.1 | 5.13-5.12.1 | Dec 8, 2016 | In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash. | |
| CVE-2016-9917 | Hig | 7.5 | < 5.13-5.12.1 | 5.13-5.12.1 | Dec 8, 2016 | In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. | |
| CVE-2016-9802 | Med | 5.3 | < 5.13-5.12.1 | 5.13-5.12.1 | Dec 3, 2016 | In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash. | |
| CVE-2016-9801 | Med | 5.3 | < 5.13-5.7.1 | 5.13-5.7.1 | Dec 3, 2016 | In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file. | |
| CVE-2016-9800 | Med | 5.3 | < 5.13-5.7.1 | 5.13-5.7.1 | Dec 3, 2016 | In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" pa | |
| CVE-2016-9798 | Med | 5.3 | < 5.13-5.12.1 | 5.13-5.12.1 | Dec 3, 2016 | In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. | |
| CVE-2016-9797 | Med | 5.3 | < 5.13-5.12.1 | 5.13-5.12.1 | Dec 3, 2016 | In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash. |
- CVE-2019-9853Sep 27, 2019affected < 5.13-5.20.6fixed 5.13-5.20.6
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categori
- affected < 5.13-5.12.1fixed 5.13-5.12.1
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
- affected < 5.13-5.12.1fixed 5.13-5.12.1
In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
- affected < 5.13-5.12.1fixed 5.13-5.12.1
In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
- affected < 5.13-5.7.1fixed 5.13-5.7.1
In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
- affected < 5.13-5.7.1fixed 5.13-5.7.1
In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" pa
- affected < 5.13-5.12.1fixed 5.13-5.12.1
In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
- affected < 5.13-5.12.1fixed 5.13-5.12.1
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.