bluez-5.63-5.el8_10.ML.1
Errata ID: AXSA:2025-9877:01
Release date:
2025/04/24 Thursday - 21:09
Title:
bluez-5.63-5.el8_10.ML.1
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
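The following issues have been addressed.
[Security Fix]
- The AVRCP feature of the BlueZ Audio Profile has an out-of-bounds
memory write issue, which allows an attacker within Bluetooth range
to escalate privileges and execute arbitrary code via a connection
from a crafted Bluetooth device. (CVE-2023-27349)
- The parse_media_element() function of the BlueZ audio profile (AVRCP)
has an out-of-bounds memory read issue caused by a missing check on
input data, which allows an attacker within Bluetooth range to
disclose information and execute arbitrary code with privileges via
a connection with a crafted Bluetooth device. (CVE-2023-51589)
Solution:
Update the packages.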
CVE:
CVE-2023-27349
BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19908.
CVE-2023-51589
BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20853.
Additional information:
N/A
Downloads:
SRPMS
- bluez-5.63-5.el8_10.ML.1.src.rpm
MD5: 43c0ebc379799514e24738f594b4c1bc
SHA-256: 471b2ab592fd506b0ecfd761f20a1f431d01a53bfcd5794dae8ef427a652974f
Size: 2.12 MB
Asianux Server 8 for x86_64
- bluez-5.63-5.el8_10.ML.1.x86_64.rpm
MD5: ba3777d2d05ea8533534eb6564a970e7
SHA-256: 0a9c0cfdee19e0f83e5826c01f3159b2483f6acdca82a6d15550220b014a8a7d
Size: 1.39 MB
- bluez-cups-5.63-5.el8_10.ML.1.x86_64.rpm
MD5: aa0b6e2f10a0d5c80a929b44284897f7
SHA-256: bf5a3c6fc6d10609cf10548c5a4a2e895f75ba84f2453573a77b6f62246fd8f5
Size: 115.67 kB
- bluez-hid2hci-5.63-5.el8_10.ML.1.x86_64.rpm
MD5: e1c5210b5296d57d234ecb2feffc2749
SHA-256: 552dbc1bc08614da6a10fd980c5aec85104c1d4cfa6f06ebe75356372a836394
Size: 40.29 kB
- bluez-libs-5.63-5.el8_10.ML.1.i686.rpm
MD5: 58b583d95d7eeed18c8a49146b8387f2
SHA-256: 6f41cc0373b20260683e8f45260492312bc38021c1a4b61f88b7ffd008badd59
Size: 115.45 kB
- bluez-libs-5.63-5.el8_10.ML.1.x86_64.rpm
MD5: 3e751f9954f2fb8e511478c0429c79e8
SHA-256: 7e86505652d9da9038b21ef7b273c77d3299a5393b7e78d8ef9f8465c9e8eba0
Size: 113.86 kB
- bluez-libs-devel-5.63-5.el8_10.ML.1.i686.rpm
MD5: 65f5a480a9edc9c3d19ebb67f1ff36d5
SHA-256: b2a296e52baa5a7795a2951db5dd180285b7efe8d282a158f44440e98c900b8b
Size: 115.05 kB
- bluez-libs-devel-5.63-5.el8_10.ML.1.x86_64.rpm
MD5: dd3723597dd48299ba86d0d3b6d71eaa
SHA-256: 714938d9ba1dfb905d2286a2244fb8091315780751cfb5d6ad2e52de95b7e6fd
Size: 115.04 kB
- bluez-obexd-5.63-5.el8_10.ML.1.x86_64.rpm
MD5: 6c8076c6f0cb3a8c04c4450c449d7673
SHA-256: 537f9c0a8f67fc4cf3cb66d8a9571590c7f92e77ba62a2dcf1a60454a91e2b41
Size: 232.92 kB