Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 835077 (CVE-2022-0204)

Summary: <net-wireless/bluez-5.63: heap buffer overflow
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: major CC: 89q1r14hd, pacho
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q
Whiteboard: B1 [glsa?]
Package list:
Runtime testing required: ---
Bug Depends on: 837584    
Bug Blocks:    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-13 14:03:24 UTC
CVE-2022-0204 (https://bugzilla.redhat.com/show_bug.cgi?id=2039807):

A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

The GitHub advisory claims this can result in remote code execution,
but RedHat's closed the bug as NOTABUG without explanation, but gave
this a CVE anyway, but with a different impact than the advisory.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-30 02:40:53 UTC
This is the patch: https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0

So, please cleanup.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-10 14:02:20 UTC
Sorry, right, we need stabilization here
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-11 14:43:47 UTC
Now please cleanup :)
Comment 4 Larry the Git Cow gentoo-dev 2022-04-18 16:27:22 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ce2e1c7de43ea080fbf8e1dea2af821993d8d6d6

commit ce2e1c7de43ea080fbf8e1dea2af821993d8d6d6
Author:     Pacho Ramos <pacho@gentoo.org>
AuthorDate: 2022-04-18 16:23:31 +0000
Commit:     Pacho Ramos <pacho@gentoo.org>
CommitDate: 2022-04-18 16:23:31 +0000

    net-wireless/bluez: drop 5.62-r2, 5.62-r3, 5.63-r1
    
    Bug: https://bugs.gentoo.org/835077
    Signed-off-by: Pacho Ramos <pacho@gentoo.org>

 net-wireless/bluez/Manifest                        |   2 -
 net-wireless/bluez/bluez-5.62-r2.ebuild            | 285 -----------
 net-wireless/bluez/bluez-5.62-r3.ebuild            | 295 -----------
 net-wireless/bluez/bluez-5.63-r1.ebuild            | 295 -----------
 ...1-Revert-attrib-Make-use-of-bt_att_resend.patch | 188 -------
 ...hog-Fix-read-order-of-attributes-rediffed.patch | 542 ---------------------
 ...while-uhid-device-has-not-been-c-rediffed.patch |  90 ----
 .../bluez/files/bluez-5.62-fix-disconnecting.patch |  54 --
 8 files changed, 1751 deletions(-)