[CLSA-2025:1763031616] bluez: Fix of 10 CVEs
Type:
security
Severity:
Important
Release date:
2025-11-13 11:00:20 UTC
Description:
- CVE-2023-27349: fix crash while handling unsupported events in avrcp - CVE-2023-44431: fix Stack-based buffer overflow and remote code execution vulnerability - CVE-2023-45866: restrict HID connections to avoid unauthorized input injection - CVE-2023-50229: fix heap-based buffer overflow vulnerability in handling Phone Book Access profile by adding proper validation of user-supplied data length before copying to buffer - CVE-2023-50230: fix heap-based buffer overflow vulnerability in Phone Book Access profile to prevent arbitrary code execution by validating user-supplied data length before copying to buffer - CVE-2023-51580: validate AVRCP attribute list data to prevent out-of-bounds reads and information disclosure - CVE-2023-51589: validate AVRCP media element data to prevent out-of-bounds reads and information disclosure - CVE-2023-51592: validate AVRCP media folder data to prevent out-of-bounds reads and information disclosure - CVE-2023-51594: validate OBEX protocol parameters to prevent out-of-bounds reads and information disclosure - CVE-2023-51596: validate PBAP data length to prevent heap overflow and remote code execution
Updated packages:
  • bluez-5.72-4.el9.tuxcare.els1.x86_64.rpm
    sha:663ac621d63aaeff55a6a394dfc699276eea413761970339d2f79c15c91ad38c
  • bluez-cups-5.72-4.el9.tuxcare.els1.x86_64.rpm
    sha:f37ea1439bedef509187ea61f59bb101af884b90f41694980530dc6acda3f1a9
  • bluez-hid2hci-5.72-4.el9.tuxcare.els1.x86_64.rpm
    sha:995b25360fb5a159a9daca6d8793f3cf565ad8bd8c0bde8c4b720263e3bebb68
  • bluez-libs-5.72-4.el9.tuxcare.els1.i686.rpm
    sha:52fec3b33c828fdb4be825e25866cf59f336ba9c0842e600ab7cb154537671a5
  • bluez-libs-5.72-4.el9.tuxcare.els1.x86_64.rpm
    sha:6b6b0a3908d823c13f3088373c85b4863ecaea4c53ce2f24e6de79afe6d7326f
  • bluez-libs-devel-5.72-4.el9.tuxcare.els1.i686.rpm
    sha:dd56ce6e4b50f782743c3e9edd99d2e2004d7f7337a96878684dae8f35748f05
  • bluez-libs-devel-5.72-4.el9.tuxcare.els1.x86_64.rpm
    sha:984527ac591e90fb66c817cadaa510f25c72b7a99528187b403f2fb4b03b205b
  • bluez-mesh-5.72-4.el9.tuxcare.els1.x86_64.rpm
    sha:a56044c74b58f9e3d1d05eff282efc6a064cf8a7b676231629a77953f020b0dd
  • bluez-obexd-5.72-4.el9.tuxcare.els1.x86_64.rpm
    sha:e4836adcce82fd6b7fd66c0d50510fc2a3de2ed941b35384a01f77e0bfb0954e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.