Advisories » MGASA-2021-0532

Updated bluez packages fix security vulnerability

Publication date: 02 Dec 2021
Modification date: 02 Dec 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-41229 , CVE-2021-43400

Description

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a
vulnerability exists in sdp_cstate_alloc_buf which allocates memory which
will always be hung in the singly linked list of cstates and will not be
freed. This will cause a memory leak over time. The data can be a very
large object, which can be caused by an attacker continuously sending sdp
packets and this may cause the service of the target device to crash.
(CVE-2021-41229)

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free
can occur when a client disconnects during D-Bus processing of a WriteValue
call. (CVE-2021-43400)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=29694
• https://ubuntu.com/security/notices/USN-5155-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41229
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43400

SRPMS

8/core

• bluez-5.55-3.3.mga8