SUSE update for bluez



Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2021-3658
CVE-2021-43400
CWE-ID CWE-863
CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing
Operating systems & Components / Operating system

SUSE Enterprise Storage
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Linux Enterprise Workstation Extension
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Desktop Applications
Operating systems & Components / Operating system

SUSE Linux Enterprise Module for Basesystem
Operating systems & Components / Operating system

libbluetooth3-32bit-debuginfo
Operating systems & Components / Operating system package or component

libbluetooth3-32bit
Operating systems & Components / Operating system package or component

bluez-devel-32bit
Operating systems & Components / Operating system package or component

bluez-auto-enable-devices
Operating systems & Components / Operating system package or component

libbluetooth3-debuginfo
Operating systems & Components / Operating system package or component

libbluetooth3
Operating systems & Components / Operating system package or component

bluez-test-debuginfo
Operating systems & Components / Operating system package or component

bluez-test
Operating systems & Components / Operating system package or component

bluez-devel
Operating systems & Components / Operating system package or component

bluez-deprecated-debuginfo
Operating systems & Components / Operating system package or component

bluez-deprecated
Operating systems & Components / Operating system package or component

bluez-debugsource
Operating systems & Components / Operating system package or component

bluez-debuginfo
Operating systems & Components / Operating system package or component

bluez-cups-debuginfo
Operating systems & Components / Operating system package or component

bluez-cups
Operating systems & Components / Operating system package or component

bluez
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Incorrect authorization

EUVDB-ID: #VU83408

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3658

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to bluetoothd incorrectly saves the adapters' discoverable status when a device is powered down, and restores it when powered up. An attacker with physical proximity to device can gain access to sensitive information.

Mitigation

Update the affected package bluez to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Desktop: 15-SP3

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

SUSE Linux Enterprise Server for SAP Applications: 15-SP3

SUSE Linux Enterprise Module for Desktop Applications: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

libbluetooth3-32bit-debuginfo: before 5.55-150300.3.14.1

libbluetooth3-32bit: before 5.55-150300.3.14.1

bluez-devel-32bit: before 5.55-150300.3.14.1

bluez-auto-enable-devices: before 5.55-150300.3.14.1

libbluetooth3-debuginfo: before 5.55-150300.3.14.1

libbluetooth3: before 5.55-150300.3.14.1

bluez-test-debuginfo: before 5.55-150300.3.14.1

bluez-test: before 5.55-150300.3.14.1

bluez-devel: before 5.55-150300.3.14.1

bluez-deprecated-debuginfo: before 5.55-150300.3.14.1

bluez-deprecated: before 5.55-150300.3.14.1

bluez-debugsource: before 5.55-150300.3.14.1

bluez-debuginfo: before 5.55-150300.3.14.1

bluez-cups-debuginfo: before 5.55-150300.3.14.1

bluez-cups: before 5.55-150300.3.14.1

bluez: before 5.55-150300.3.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223981-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU83407

Risk: Medium

CVSSv4.0: 3.7 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-43400

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in gatt-database.c on a gatt server if a client disconnects while a WriteValue call is being processed with D-Bus. An attacker with physical proximity to the system can trigger a use-after-free error and potentially execute arbitrary code.

Mitigation

Update the affected package bluez to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Enterprise Storage: 7.1

SUSE Manager Retail Branch Server: 4.2

SUSE Linux Enterprise Workstation Extension: 15-SP3

SUSE Linux Enterprise Desktop: 15-SP3

openSUSE Leap: 15.3

SUSE Manager Server: 4.2

SUSE Manager Proxy: 4.2

SUSE Linux Enterprise Server for SAP Applications: 15-SP3

SUSE Linux Enterprise Module for Desktop Applications: 15-SP3

SUSE Linux Enterprise Module for Basesystem: 15-SP3

libbluetooth3-32bit-debuginfo: before 5.55-150300.3.14.1

libbluetooth3-32bit: before 5.55-150300.3.14.1

bluez-devel-32bit: before 5.55-150300.3.14.1

bluez-auto-enable-devices: before 5.55-150300.3.14.1

libbluetooth3-debuginfo: before 5.55-150300.3.14.1

libbluetooth3: before 5.55-150300.3.14.1

bluez-test-debuginfo: before 5.55-150300.3.14.1

bluez-test: before 5.55-150300.3.14.1

bluez-devel: before 5.55-150300.3.14.1

bluez-deprecated-debuginfo: before 5.55-150300.3.14.1

bluez-deprecated: before 5.55-150300.3.14.1

bluez-debugsource: before 5.55-150300.3.14.1

bluez-debuginfo: before 5.55-150300.3.14.1

bluez-cups-debuginfo: before 5.55-150300.3.14.1

bluez-cups: before 5.55-150300.3.14.1

bluez: before 5.55-150300.3.14.1

CPE2.3 External links

http://www.suse.com/support/update/announcement/2022/suse-su-20223981-1/


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###