Summary: | <net-wireless/bluez-5.55: double free in the gatttool disconnect_cb() routine from shared/att.c could cause a DoS or code execution (CVE-2020-27153) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | filip.ambroz, pacho |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=749315 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
filip ambroz
2020-10-15 13:12:01 UTC
Maintainer, please stabilize when ready. arm64 stable amd64 stable x86 stable arm done ppc/ppc64 stable Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a9fa005b8404eaa55cfb6cf14b2e26c98a2715af commit a9fa005b8404eaa55cfb6cf14b2e26c98a2715af Author: Pacho Ramos <pacho@gentoo.org> AuthorDate: 2020-10-24 22:23:36 +0000 Commit: Pacho Ramos <pacho@gentoo.org> CommitDate: 2020-10-24 22:23:36 +0000 net-wireless/bluez: Drop old Bug: https://bugs.gentoo.org/749285 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Pacho Ramos <pacho@gentoo.org> net-wireless/bluez/Manifest | 1 - net-wireless/bluez/bluez-5.54.ebuild | 297 ----------------------------------- 2 files changed, 298 deletions(-) Thanks all! This issue was resolved and addressed in GLSA 202011-01 at https://security.gentoo.org/glsa/202011-01 by GLSA coordinator Sam James (sam_c). |