Bug 712292 (CVE-2020-0556, INTEL-SA-00352) - <net-wireless/bluez-5.54: Denial of service/privilege escalation (CVE-2020-0556/INTEL-SA-00352)
Summary: <net-wireless/bluez-5.54: Denial of service/privilege escalation (CVE-2020-05...
Status: IN_PROGRESS
Alias: CVE-2020-0556, INTEL-SA-00352
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL: https://www.intel.com/content/www/us/...
Whiteboard: B1 [cleanup glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-12 23:05 UTC by Sam James (sam_c) (security padawan)
Modified: 2020-03-29 17:53 UTC

See Also:
Package list:
net-wireless/bluez-5.54 amd64 arm arm64 hppa ppc ppc64 x86
dev-libs/ell-0.28 amd64 arm arm64 hppa ppc ppc64 x86
net-wireless/iwd-1.5 amd64 arm arm64 ppc ppc64 x86
Runtime testing required: ---
stable-bot: sanity-check+


Description Sam James (sam_c) (security padawan) 2020-03-12 23:05:55 UTC
Description:
"Improper access control in subsystem for BlueZ before version 5.53 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access."

Patches for <5.53:
https://patchwork.kernel.org/patch/11428317/
https://patchwork.kernel.org/patch/11428319/
Comment 1 Thomas Deutschmann gentoo-dev Security 2020-03-15 01:35:06 UTC
Looks like patches didn't make it into 5.53 release.
Comment 2 Sam James (sam_c) (security padawan) 2020-03-15 01:38:12 UTC
(In reply to Thomas Deutschmann from comment #1)
> Looks like patches didn't make it into 5.53 release.


NOTE: As pointed out [0] on oss-security, these patches do not seem to have landed in time for 5.53, contrary to the advisory(!)

I have verified this claim by downloading the tarball and checking for the patches but they do not seem to apply.

Note that maintainers can still apply the linked patches.

[0] https://www.openwall.com/lists/oss-security/2020/03/13/2
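One way to make the check described in comment 2 repeatable: compare each hunk of a fix patch against an unpacked release tree and report whether the tree holds the pre-fix or post-fix text. This is an added example, not part of the comment above and not Gentoo or BlueZ code; `parse_patch`, `contains` and `patch_state` are hypothetical names, and `SAMPLE_PATCH` is a constructed patch, not the BlueZ fix.

```python
import pathlib
import re

HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+\d+(?:,(\d+))? @@")

def parse_patch(text):
    """Map each patched path (first component stripped, like -p1) to (pre, post) hunks."""
    files, path, lines, i = {}, None, text.splitlines(), 0
    while i < len(lines):
        m = HUNK.match(lines[i])
        if lines[i].startswith("+++ "):
            path = lines[i][4:].split("\t")[0].split("/", 1)[-1]
            files[path] = []
        elif m and path is not None:
            old, new = int(m.group(1) or 1), int(m.group(2) or 1)
            pre, post = [], []
            # Consume exactly the line counts announced in the @@ header.
            while (old > 0 or new > 0) and i + 1 < len(lines):
                i += 1
                tag, body = lines[i][:1], lines[i][1:]
                if tag in ("-", " ", ""):   # line exists before the fix
                    pre.append(body)
                    old -= 1
                if tag in ("+", " ", ""):   # line exists after the fix
                    post.append(body)
                    new -= 1
            files[path].append((pre, post))
        i += 1
    return files

def contains(haystack, needle):
    n = len(needle)
    return any(haystack[k:k + n] == needle for k in range(len(haystack) - n + 1))

def patch_state(root, patch_text):
    """Return 'applied', 'missing' or 'unknown' for the source tree under root."""
    states = set()
    for path, hunks in parse_patch(patch_text).items():
        f = pathlib.Path(root, path)
        src = f.read_text(errors="replace").splitlines() if f.is_file() else []
        for pre, post in hunks:
            has_pre, has_post = contains(src, pre), contains(src, post)
            # If both match, trust the longer (more specific) side of the hunk.
            states.add("applied" if has_post and (not has_pre or len(post) > len(pre))
                       else "missing" if has_pre and (not has_post or len(pre) > len(post))
                       else "unknown")
    return states.pop() if len(states) == 1 else "unknown"

# Constructed sample patch (assumption for illustration only).
SAMPLE_PATCH = ("--- a/demo.c\n+++ b/demo.c\n@@ -1,3 +1,5 @@\n int f(int bonded)\n {\n"
                "+\tif (!bonded)\n+\t\treturn -1;\n \treturn 0;\n")
```

A result of "unknown" means the hunks disagree or neither side matches (for example, the surrounding code changed between releases), so the tree needs a manual review rather than a verdict.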
Comment 3 Sam James (sam_c) (security padawan) 2020-03-15 01:38:44 UTC
(In reply to sam_c (Security Padawan) from comment #2)
> (In reply to Thomas Deutschmann from comment #1)
> > Looks like patches didn't make it into 5.53 release.
> 
> 
> NOTE: As pointed out [0] on oss-security, these patches do not seem to have
> landed in time for 5.53, contrary to the advisory(!)
> 
> I have verified this claim by downloading the tarball and checking for the
> patches but they do not seem to apply.
> 
> Note that maintainers can still apply the linked patches.
> 
> [0] https://www.openwall.com/lists/oss-security/2020/03/13/2

s/apply/have been applied/.
Comment 4 Pacho Ramos gentoo-dev 2020-03-20 15:12:24 UTC
We can try to stabilize 5.54 I think
Comment 5 Stabilization helper bot gentoo-dev 2020-03-20 16:01:14 UTC
An automated check of this bug failed - repoman reported dependency errors (193 lines truncated): 

> dependency.bad net-wireless/bluez/bluez-5.54.ebuild: DEPEND: amd64(default/linux/amd64/17.0) ['>=dev-libs/ell-0.28']
> dependency.bad net-wireless/bluez/bluez-5.54.ebuild: RDEPEND: amd64(default/linux/amd64/17.0) ['>=dev-libs/ell-0.28']
> dependency.bad net-wireless/bluez/bluez-5.54.ebuild: DEPEND: amd64(default/linux/amd64/17.0/desktop) ['>=dev-libs/ell-0.28']
Comment 6 Sam James (sam_c) (security padawan) 2020-03-20 16:04:53 UTC
(In reply to Pacho Ramos from comment #4)
> We can try to stabilize 5.54 I think

Yes please, they've updated the advisory now, so 5.5.4 is the first fixed version.
Comment 7 Ben Kohler gentoo-dev 2020-03-20 18:17:16 UTC
Current stable net-wireless/iwd-1.4 depends on ~ell-0.27, can we add iwd-1.5 stabilization to this list? No known blockers for iwd stable
Comment 8 Pacho Ramos gentoo-dev 2020-03-20 22:49:46 UTC
sure
Comment 9 Agostino Sarubbo gentoo-dev 2020-03-21 16:25:41 UTC
amd64 stable
Comment 10 Agostino Sarubbo gentoo-dev 2020-03-21 16:48:15 UTC
arm stable
Comment 11 Agostino Sarubbo gentoo-dev 2020-03-21 16:50:05 UTC
ppc stable
Comment 12 Agostino Sarubbo gentoo-dev 2020-03-21 16:50:46 UTC
ppc64 stable
Comment 13 Agostino Sarubbo gentoo-dev 2020-03-21 16:51:22 UTC
x86 stable
Comment 14 Rolf Eike Beer 2020-03-23 21:12:53 UTC
dropped to ~hppa
Comment 15 Sam James (sam_c) (security padawan) 2020-03-23 21:27:53 UTC
(updating whiteboard)
Comment 16 Thomas Deutschmann gentoo-dev Security 2020-03-25 15:16:50 UTC
New GLSA request filed.
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2020-03-25 15:36:04 UTC
This issue was resolved and addressed in
 GLSA 202003-49 at https://security.gentoo.org/glsa/202003-49
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 18 Thomas Deutschmann gentoo-dev Security 2020-03-25 15:36:42 UTC
Re-opening for remaining architectures.
Comment 19 Mart Raudsepp gentoo-dev 2020-03-29 11:03:53 UTC
arm64 stable
Comment 20 Sam James (sam_c) (security padawan) 2020-03-29 17:53:12 UTC
@maintainer(s), please cleanup