MGASA-2020-0402 - Updated blueman packages fixes a security vulnerability Publication date: 08 Nov 2020 URL: https://advisories.mageia.org/MGASA-2020-0402.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-15238 Vaisha Bernard discovered that blueman did not properly sanitize input on the D-Bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service (CVE-2020-15238). References: - https://bugs.mageia.org/show_bug.cgi?id=27485 - https://ubuntu.com/security/notices/USN-4605-1 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15238 SRPMS: - 7/core/blueman-2.1.4-1.mga7
Mageia 2020-0402: blueman security update
Vaisha Bernard discovered that blueman did not properly sanitize input on the D-Bus interface to blueman-mechanism
Summary
Vaisha Bernard discovered that blueman did not properly sanitize input on the
D-Bus interface to blueman-mechanism. A local attacker could possibly use this
issue to escalate privileges and run arbitrary code or cause a denial of
service (CVE-2020-15238).
References
- https://bugs.mageia.org/show_bug.cgi?id=27485
- https://ubuntu.com/security/notices/USN-4605-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15238
Resolution
MGASA-2020-0402 - Updated blueman packages fixes a security vulnerability
SRPMS
- 7/core/blueman-2.1.4-1.mga7
Severity
Publication date: 08 Nov 2020
URL: https://advisories.mageia.org/MGASA-2020-0402.html
Type: security
CVE: CVE-2020-15238
News
HOWTOs
About Us
Powered By
