SB2024111244 - Red Hat Enterprise Linux 9 update for bluez

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024111244

SB2024111244 - Red Hat Enterprise Linux 9 update for bluez

Published: November 12, 2024 Updated: December 19, 2024

Security Bulletin ID SB2024111244
Severity
Medium
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2023-45866)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an unspecified vulnerability in Bluetooth implementation. A remote attacker with physical proximity to device can inject keystrokes by spoofing a keyboard and execute arbitrary commands on the system.


2) Buffer overflow (CVE-ID: CVE-2023-27349)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the handling of the AVRCP protocol. A remote attacker with physical proximity to device can send specially crafted Bluetooth packets to the affected system, trigger memory corruption and execute arbitrary code on the system.



3) Heap-based buffer overflow (CVE-ID: CVE-2023-51596)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling the Phone Book Access profile. A remote attacker can trick the victim into connection to a malicious Bluetooth device, trigger a heap-based buffer overflow and execute arbitrary code on the system.


4) Out-of-bounds read (CVE-ID: CVE-2023-51594)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling OBEX protocol parameter. A remote attacker can trick the victim into connecting to a malicious device, trigger an out-of-bounds read and gain access to sensitive information.


5) Out-of-bounds read (CVE-ID: CVE-2023-51592)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling AVRCP protocol within the parse_media_folder() function. A remote attacker can trick the victim into connecting to a malicious device, trigger an out-of-bounds read and gain access to sensitive information.


6) Out-of-bounds read (CVE-ID: CVE-2023-51589)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling AVRCP protocol within the parse_media_element() function. A remote attacker can trick the victim into connecting to a malicious device, trigger an out-of-bounds read and gain access to sensitive information.

7) Out-of-bounds read (CVE-ID: CVE-2023-51580)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when handling AVRCP protocol within the avrcp_parse_attribute_list() function. A remote attacker can trick the victim into connecting to a malicious device, trigger an out-of-bounds read and gain access to sensitive information.

8) Stack-based buffer overflow (CVE-ID: CVE-2023-44431)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling AVRCP protocol. A remote attacker can trick the victim into connection to a malicious Bluetooth device, trigger a stack-based buffer overflow and execute arbitrary code on the system.

9) Heap-based buffer overflow (CVE-ID: CVE-2023-50230)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the handling of the Phone Book Access profile. A remote attacker on the local network can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


10) Heap-based buffer overflow (CVE-ID: CVE-2023-50229)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the handling of the Phone Book Access profile. A remote attacker on the local network can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References