bluez-5.63-3.el8_10.ML.1
エラータID: AXSA:2024-9445:02
リリース日:
2024/12/20 Friday - 13:38
題名:
bluez-5.63-3.el8_10.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- BlueZ の Bluetooth HID ホスト機能には、ペアリングに
よって認証されていないキーボードなどのペリフェラル
ロールの HID デバイスによる暗号化された接続の確立と
HID キーボードレポートの受信を許容してしまう問題が
あるため、Bluetooth 接続が可能な攻撃者により、細工
された Bluetooth キーボードなどのデバイスとの接続を
介して、任意のコマンドの実行を可能とする脆弱性が
存在します。(CVE-2023-45866)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-45866
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
追加情報:
N/A
ダウンロード:
SRPMS
- bluez-5.63-3.el8_10.ML.1.src.rpm
MD5: c107d02077d3e4f3124e3ed37e148550
SHA-256: 812a1f29ed5e1635d803e8b8ee548df57d4c0c68a3b3a987c0ee4393ac1fa9c4
Size: 2.12 MB
Asianux Server 8 for x86_64
- bluez-5.63-3.el8_10.ML.1.x86_64.rpm
MD5: c3f98a322f7cae659433067f10d70ba0
SHA-256: 99d5670abd5db2af0645eb3cb0706d13d524a56ad919ca3a8e13f1f2be770780
Size: 1.39 MB - bluez-cups-5.63-3.el8_10.ML.1.x86_64.rpm
MD5: ebaffc2334c92e7a703c0e3c62b25a78
SHA-256: 1f97a2df3190d17ca77908d27d6f445e05d56baa34b75ff61cc97543ebc408de
Size: 115.36 kB - bluez-hid2hci-5.63-3.el8_10.ML.1.x86_64.rpm
MD5: 3308e6d8ba61ab8926a02013b3210a95
SHA-256: 258ba0bec2508a5a9f624ed6e6af93886c905be7cefb302a4832b5f5d5370ffe
Size: 39.99 kB - bluez-libs-5.63-3.el8_10.ML.1.i686.rpm
MD5: 5305c94262d98cc21ffce57d32e75afc
SHA-256: 0af1b15b6746bd43774fe8d9ff985e33e623006a717a1c35e45c178837f3bca5
Size: 115.14 kB - bluez-libs-5.63-3.el8_10.ML.1.x86_64.rpm
MD5: ca17840c58a9a82f8e511f5811932213
SHA-256: 60bd52d77acc6008d3f861fd301308f3f9386f78d7a5e1706fb410d82155b1da
Size: 113.55 kB - bluez-libs-devel-5.63-3.el8_10.ML.1.i686.rpm
MD5: d745f45fa4ad6940f00973ecc10fcf6d
SHA-256: 8aa23b660b5244c41c446f14058c943c1c23b6f13b148f1aa043e0df5212f8cf
Size: 114.75 kB - bluez-libs-devel-5.63-3.el8_10.ML.1.x86_64.rpm
MD5: f04d6606d3dad24a522820bc501cf6fe
SHA-256: 27ebe3e16f36ea224cdf0a0792c2b6efce904cd2bd1e579e3704c96be62d40cf
Size: 114.73 kB - bluez-obexd-5.63-3.el8_10.ML.1.x86_64.rpm
MD5: c4d5330d98ef91bd71ef3a6e5c8083cc
SHA-256: 4ace01c5c6ba4cfb66eeeed80b7b8e07e5ed7badbc0007e7a2cb35df77bc3585
Size: 232.84 kB
English