bluez-5.44-4.el7
エラータID: AXSA:2017-2242:02
リリース日:
2017/09/15 Friday - 10:33
題名:
bluez-5.44-4.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- BlueZ の SDP サーバには、リモート攻撃者にbluetoothdのプロセスメモリーからセンシティブな
情報を漏洩してしまう脆弱性があります。
この脆弱性はSDPの検索属性のリクエストの処理に依存します。(CVE-2017-1000250)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
Update packages.
CVE:
CVE-2017-1000250
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
追加情報:
N/A
ダウンロード:
SRPMS
- bluez-5.44-4.el7.src.rpm
MD5: 58ee5c10629ca6701139bf70f7c88d94
SHA-256: 900757929fd7b81ddc2e0d5a83690f7bd52eae27c7582bd80690c69cfabbad2c
Size: 1.63 MB
Asianux Server 7 for x86_64
- bluez-5.44-4.el7.x86_64.rpm
MD5: cf93a4cca1c9061385655e2a4a829325
SHA-256: 58074a7b53341bd3cb13697bc18aab7a26250ad9a8f38f98fa8475fe25da3590
Size: 1.23 MB - bluez-libs-5.44-4.el7.x86_64.rpm
MD5: 9345609d35373681c94f04863b957d6a
SHA-256: 750efcd4a93b8aba55b851a26b64ea03abc11b8ae00481f00695a43891de083d
Size: 79.40 kB - bluez-libs-5.44-4.el7.i686.rpm
MD5: 876ccfc719b93e106b78e90fa3d4ac2b
SHA-256: 85316278a918886684c7bf3ce70f49ee272bdeac7757344f51bce6578ce9a262
Size: 78.82 kB