Mageia 2025-0115: bluez Security Advisory Updates
mageia
March 26, 2025
BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability
Summary
BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code
Execution Vulnerability. (CVE-2023-44431)
BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read
Information Disclosure Vulnerability. (CVE-2023-51580)
BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read
Information Disclosure Vulnerability. (CVE-2023-51589)
BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read
Information Disclosure Vulnerability. (CVE-2023-51592)
BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure
Vulnerability. (CVE-2023-51594)
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code
Execution Vulnerability. (CVE-2023-51596)
References
- https://bugs.mageia.org/show_bug.cgi?id=34123
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6KKJVC5RPR5AMR4ZTMHWP7TATS4SY47/
- https://www.cve.org/CVERecord?id=CVE-2023-44431
- https://www.cve.org/CVERecord?id=CVE-2023-51580
- https://www.cve.org/CVERecord?id=CVE-2023-51589
- https://www.cve.org/CVERecord?id=CVE-2023-51592
- https://www.cve.org/CVERecord?id=CVE-2023-51594
- https://www.cve.org/CVERecord?id=CVE-2023-51596
Resolution
SRPMS
- 9/core/bluez-5.80-1.mga9
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 26 Mar 2025
URL: https://advisories.mageia.org/MGASA-2025-0115.html
Type: security
CVE: CVE-2023-44431, CVE-2023-51580, CVE-2023-51589, CVE-2023-51592, CVE-2023-51594, CVE-2023-51596
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!