Ubuntu 19.10, 18.04 LTS, 16.04 LTS: BlueZ Security Advisory Details
ubuntu
March 30, 2020
Several security issues were fixed in BlueZ.
Summary
Several security issues were fixed in BlueZ.
Software Description:
- bluez: Bluetooth tools and daemons
Details:
It was discovered that BlueZ incorrectly handled bonding HID and HOGP
devices. A local attacker could possibly use this issue to impersonate
non-bonded devices. (CVE-2020-0556)
It was discovered that BlueZ incorrectly handled certain commands. A local
attacker could use this issue to cause BlueZ to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 16.04 LTS. (CVE-2016-7837)
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: bluez 5.50-0ubuntu5.1 libbluetooth3 5.50-0ubuntu5.1 Ubuntu 18.04 LTS: bluez 5.48-0ubuntu3.4 libbluetooth3 5.48-0ubuntu3.4 Ubuntu 16.04 LTS: bluez 5.37-0ubuntu5.3 libbluetooth3 5.37-0ubuntu5.3 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-4311-1
CVE-2016-7837, CVE-2020-0556
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
March 30, 2020
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!