MGASA-2022-0058 - Updated bluez packages fix security vulnerability

Publication date: 12 Feb 2022
URL: https://advisories.mageia.org/MGASA-2022-0058.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-0204

Ziming Zhang discovered that BlueZ incorrectly handled memory write
operations in its gatt server. A remote attacker could possibly use this
to cause BlueZ to crash leading to a denial of service, or potentially
remotely execute code. (CVE-2022-0204)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30015
- https://ubuntu.com/security/notices/USN-5275-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0204

SRPMS:
- 8/core/bluez-5.55-3.4.mga8