An update for bluez is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2022-1595
Final
1.0
1.0
2022-03-26
Initial
2022-03-26
2022-03-26
openEuler SA Tool V1.0
2022-03-26
bluez security update
An update for bluez is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3.
This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A.
Security Fix(es):
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.(CVE-2022-0204)
An update for bluez is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
High
bluez
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1595
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-0204
https://nvd.nist.gov/vuln/detail/CVE-2022-0204
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP2
openEuler-20.03-LTS-SP3
bluez-libs-5.54-9.oe1.aarch64.rpm
bluez-5.54-9.oe1.aarch64.rpm
bluez-debuginfo-5.54-9.oe1.aarch64.rpm
bluez-devel-5.54-9.oe1.aarch64.rpm
bluez-debugsource-5.54-9.oe1.aarch64.rpm
bluez-cups-5.54-9.oe1.aarch64.rpm
bluez-libs-5.54-9.oe1.aarch64.rpm
bluez-debugsource-5.54-9.oe1.aarch64.rpm
bluez-5.54-9.oe1.aarch64.rpm
bluez-devel-5.54-9.oe1.aarch64.rpm
bluez-debuginfo-5.54-9.oe1.aarch64.rpm
bluez-cups-5.54-9.oe1.aarch64.rpm
bluez-5.54-9.oe1.aarch64.rpm
bluez-devel-5.54-9.oe1.aarch64.rpm
bluez-debugsource-5.54-9.oe1.aarch64.rpm
bluez-debuginfo-5.54-9.oe1.aarch64.rpm
bluez-libs-5.54-9.oe1.aarch64.rpm
bluez-cups-5.54-9.oe1.aarch64.rpm
bluez-help-5.54-9.oe1.noarch.rpm
bluez-help-5.54-9.oe1.noarch.rpm
bluez-help-5.54-9.oe1.noarch.rpm
bluez-5.54-9.oe1.src.rpm
bluez-5.54-9.oe1.src.rpm
bluez-5.54-9.oe1.src.rpm
bluez-libs-5.54-9.oe1.x86_64.rpm
bluez-cups-5.54-9.oe1.x86_64.rpm
bluez-5.54-9.oe1.x86_64.rpm
bluez-debuginfo-5.54-9.oe1.x86_64.rpm
bluez-debugsource-5.54-9.oe1.x86_64.rpm
bluez-devel-5.54-9.oe1.x86_64.rpm
bluez-5.54-9.oe1.x86_64.rpm
bluez-debuginfo-5.54-9.oe1.x86_64.rpm
bluez-devel-5.54-9.oe1.x86_64.rpm
bluez-cups-5.54-9.oe1.x86_64.rpm
bluez-debugsource-5.54-9.oe1.x86_64.rpm
bluez-libs-5.54-9.oe1.x86_64.rpm
bluez-devel-5.54-9.oe1.x86_64.rpm
bluez-5.54-9.oe1.x86_64.rpm
bluez-debuginfo-5.54-9.oe1.x86_64.rpm
bluez-libs-5.54-9.oe1.x86_64.rpm
bluez-debugsource-5.54-9.oe1.x86_64.rpm
bluez-cups-5.54-9.oe1.x86_64.rpm
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
2022-03-26
CVE-2022-0204
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP2
openEuler-20.03-LTS-SP3
High
8.8
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
bluez security update
2022-03-26
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1595