SB2022103008 - SUSE update for bluez

Security Bulletin ID SB2022103008

Severity

Low

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Adjecent network

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Out-of-bounds read (CVE-ID: CVE-2016-9803)

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a boundary condition within the le_meta_ev_dump() function in tools/parser/hci.c. A local user can pass a specially crafted dump file, trigger a buffer overflow and crash application.

2) Out-of-bounds read (CVE-ID: CVE-2019-8921)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to missing verification checks when handling consecutive SVC_ATTR_REQ requests within the service_attr_req() function in sdpd-request.c in bluetoothd . A remote attacker on the local network can send specially crafted CSTATE data to the system and trick the server into returning more bytes than the buffer actually holds, resulting in leaking arbitrary heap data.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2022/suse-su-20223718-1/

SB2022103008 - SUSE update for bluez

Breakdown by Severity

Description

Remediation

References

Please verify you're human