Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 20.04 LTS: 4605-1 Moderate: Blueman Privilege Escalation

ubuntu
Calendar Grey October 27, 2020
Dist Ubuntu Esm H88
Ubuntu Security Advisory regarding the Blueman security flaw, outlining necessary updates and potential risks to systems.
Blueman could be made to run programs if it received specially crafted input.

Summary

Blueman could be made to run programs if it received specially crafted

input.

Software Description:

- blueman: Graphical bluetooth manager

Details:

Vaisha Bernard discovered that blueman did not properly sanitize input

on the d-bus interface to blueman-mechanism. A local attacker could

possibly use this issue to escalate privileges and run arbitrary code or

cause a denial of service. (CVE-2020-15238)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  blueman                         2.1.3-2ubuntu1

Ubuntu 20.04 LTS:
  blueman                         2.1.2-1ubuntu0.1

Ubuntu 18.04 LTS:
  blueman                         2.0.5-1ubuntu1.1

Ubuntu 16.04 LTS:
  blueman                         2.0.4-1ubuntu2.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4605-1

CVE-2020-15238

Severity
important
Lowest
Low
Medium
High
Critical

October 27, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here