Advisories ยป MGASA-2021-0532

Updated bluez packages fix security vulnerability

Publication date: 02 Dec 2021
Modification date: 02 Dec 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-41229 , CVE-2021-43400


BlueZ is a Bluetooth protocol stack for Linux. In affected versions a
vulnerability exists in sdp_cstate_alloc_buf which allocates memory which
will always be hung in the singly linked list of cstates and will not be
freed. This will cause a memory leak over time. The data can be a very
large object, which can be caused by an attacker continuously sending sdp
packets and this may cause the service of the target device to crash.

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free
can occur when a client disconnects during D-Bus processing of a WriteValue
call. (CVE-2021-43400)