Summary: | <net-wireless/bluez-5.70-r1: Denial of service/privilege escalation | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | pacho |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/skysafe/reblog/tree/main/cve-2023-45866 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=712292 | ||
Whiteboard: | B1 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 919864 | ||
Bug Blocks: |
Description
Sam James
2023-12-07 02:12:07 UTC
I'll backport the patch tonight if that's alright. commit 26f32e2abe9e0c412c98898f61b144a3f6e5fb76 Author: Sam James <sam@gentoo.org> Date: Sat Dec 9 18:05:05 2023 +0000 net-wireless/bluez: backport CVE-2023-45866 fix Signed-off-by: Sam James <sam@gentoo.org> The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7eea4a6e371f176706880da4b1e0ef04fb5c3f7c commit 7eea4a6e371f176706880da4b1e0ef04fb5c3f7c Author: Pacho Ramos <pacho@gentoo.org> AuthorDate: 2023-12-16 09:14:54 +0000 Commit: Pacho Ramos <pacho@gentoo.org> CommitDate: 2023-12-16 09:15:19 +0000 net-wireless/bluez: drop 5.68, 5.69, 5.70 Bug: https://bugs.gentoo.org/919383 Signed-off-by: Pacho Ramos <pacho@gentoo.org> net-wireless/bluez/Manifest | 2 - net-wireless/bluez/bluez-5.68.ebuild | 294 --------------------- net-wireless/bluez/bluez-5.69.ebuild | 285 -------------------- net-wireless/bluez/bluez-5.70.ebuild | 285 -------------------- .../bluez/files/bluez-5.68-bap-dettach-io.patch | 101 ------- .../bluez/files/bluez-5.68-bap-ebusy-fix.patch | 206 --------------- .../bluez/files/bluez-5.68-bap-nonzero.patch | 27 -- .../bluez/files/bluez-5.68-bap-resume.patch | 187 ------------- .../bluez/files/bluez-5.68-clang-midi.patch | 83 ------ .../files/bluez-5.68-heap-use-after-free.patch | 41 --- .../bluez/files/bluez-5.68-monitor-decoding.patch | 45 ---- 11 files changed, 1556 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=87a5ad502549134412c395506282f7e0d2f07c69 commit 87a5ad502549134412c395506282f7e0d2f07c69 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-05 12:09:52 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-05 12:10:24 +0000 [ GLSA 202401-03 ] BlueZ: Privilege Escalation Bug: https://bugs.gentoo.org/919383 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-03.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) |