Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Ubuntu 20.04 LTS USN-5481-1 Moderate: BlueZ Denial Of Service

ubuntu
Calendar Grey June 15, 2022
Dist Ubuntu Esm H88
Numerous BlueZ security flaws addressed in Ubuntu, impacting vital Bluetooth functionalities. Ensure your systems are updated immediately!
Several security issues were fixed in BlueZ.

Summary

Several security issues were fixed in BlueZ.

Software Description:

- bluez: Bluetooth tools and daemons

Details:

It was discovered that BlueZ incorrectly validated certain capabilities

and lengths when handling the A2DP profile. A remote attacker could use

this issue to cause BlueZ to crash, resulting in a denial of service, or

possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  bluez                           5.53-0ubuntu3.6
  libbluetooth3                   5.53-0ubuntu3.6

Ubuntu 18.04 LTS:
  bluez                           5.48-0ubuntu3.9
  libbluetooth3                   5.48-0ubuntu3.9

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5481-1

https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1977968

June 15, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.