Advisories ยป MGASA-2025-0115

Updated bluez packages fix security vulnerabilities

Publication date: 26 Mar 2025
Modification date: 26 Mar 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-44431 , CVE-2023-51580 , CVE-2023-51589 , CVE-2023-51592 , CVE-2023-51594 , CVE-2023-51596

Description

BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code
Execution Vulnerability. (CVE-2023-44431)
BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read
Information Disclosure Vulnerability. (CVE-2023-51580)
BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read
Information Disclosure Vulnerability. (CVE-2023-51589)
BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read
Information Disclosure Vulnerability. (CVE-2023-51592)
BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure
Vulnerability. (CVE-2023-51594)
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code
Execution Vulnerability. (CVE-2023-51596)
                

References

SRPMS

9/core