VYPR

rpm package

suse/bluez&distro=SUSE Linux Enterprise Workstation Extension 15

pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015

Vulnerabilities (7)

  • CVE-2016-9918HigDec 8, 2016
    affected < 5.48-5.13.10fixed 5.48-5.13.10

    In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

  • CVE-2016-9917HigDec 8, 2016
    affected < 5.48-5.16.1fixed 5.48-5.16.1

    In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

  • CVE-2016-9802MedDec 3, 2016
    affected < 5.48-5.16.1fixed 5.48-5.16.1

    In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

  • CVE-2016-9801MedDec 3, 2016
    affected < 5.48-5.8.1fixed 5.48-5.8.1

    In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.

  • CVE-2016-9800MedDec 3, 2016
    affected < 5.48-5.8.1fixed 5.48-5.8.1

    In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" pa

  • CVE-2016-9798MedDec 3, 2016
    affected < 5.48-5.16.1fixed 5.48-5.16.1

    In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

  • CVE-2016-9797MedDec 3, 2016
    affected < 5.48-5.16.1fixed 5.48-5.16.1

    In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.