Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 42 bluez 5.80: Critical Update for Bluetooth Issues

fedora
Calendar Grey March 20, 2025
Dist Fedora Esm H88
BlueZ 5.80 introduces vital enhancements and fixes, greatly boosting Bluetooth features in Fedora 42, improving connection reliability and supporting new LE functionalities
bluez 5.80: Fix issue with handling address type for all types of keys

Summary

Utilities for use in Bluetooth applications:

- avinfo

- bluemoon

- bluetoothctl

- bluetoothd

- btattach

- btmon

- hex2hcd

- mpris-proxy

The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A.

Update Information:

bluez 5.80: Fix issue with handling address type for all types of keys. Fix issue with handling maximum number of GATT channels. Fix issue with handling MTU auto-tuning feature. Fix issue with handling AVRCP volume in reconfigured transports. Fix issue with handling VCP volume setting requests. Fix issue with handling VCP connection management. Fix issue with handling MAP qualification. Fix issue with handling PBAP qualification. Fix issue with handling BNEP qualification. Add support for PreferredBearer device property. Add support for SupportedTypes Message Access property. Add support for HFP, A2DP, AVRCP, AVCTP and MAP latest versions. iwd 3.4: Add support for the Test Anything Protocol. libell 0.74: Add support for NIST P-192 curve usage with ECDH. Add support for SHA-224 based checksums and HMACs. libell 0.73: Fix issue with parsing hwdb.bin child structures. libell 0.72: Add support for the Test Anything Protocol.

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora information disclosure Bluetooth

Change Log

* Mon Mar 17 2025 Peter Robinson - 5.80-1 - Update to 5.80

References


[ 1 ] Bug #2278949 - CVE-2023-51596 bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278949 [ 2 ] Bug #2278957 - CVE-2023-51594 bluez: OBEX library out-of-bounds read information disclosure vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278957 [ 3 ] Bug #2278963 - CVE-2023-51592 bluez: audio profile avrcp parse_media_folder out-of-bounds read information disclosure vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278963 [ 4 ] Bug #2278966 - CVE-2023-51589 bluez: audio profile avrcp parse_media_element out-of-bounds read information disclosure vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278966 [ 5 ] Bug #2278968 - CVE-2023-51580 bluez: avrcp_parse_attribute_list out-of-bounds read information disclosure vulnerability [fedora-all] https://bugzilla.r...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-35347bf9f0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: bluez
Product: Fedora 42
Version: 5.80
Release: 1.fc42
URL:
Summary: Bluetooth utilities

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora information disclosure Bluetooth

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here