===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.4011
                           bluez security update
                              29 November 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           bluez
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Denial of Service               -- Remote/Unauthenticated
                   Provide Misleading Information  -- Unknown/Unspecified
                   Access Confidential Data        -- Unknown/Unspecified
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-41229 CVE-2019-8922 CVE-2019-8921
Reference:         ESB-2021.3989

Original Bulletin:
   https://lists.debian.org/debian-lts-announce/2021/11/msg00022.html

--------------------------BEGIN INCLUDED TEXT--------------------

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2827-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                     Sylvain Beucler
November 27, 2021                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : bluez
Version        : 5.43-2+deb9u5
CVE ID         : CVE-2019-8921 CVE-2019-8922 CVE-2021-41229
Debian Bug     : 1000262

Several vulnerabilities were discovered in BlueZ, the Linux Bluetooth
protocol stack. An attacker could cause a denial-of-service (DoS) or
leak information.

CVE-2019-8921

    SDP infoleak; the vulnerability lies in the handling of a
    SVC_ATTR_REQ by the SDP implementation of BlueZ. By crafting a
    malicious CSTATE, it is possible to trick the server into returning
    more bytes than the buffer actually holds, resulting in leaking
    arbitrary heap data.

CVE-2019-8922

    SDP Heap Overflow; this vulnerability lies in the SDP protocol
    handling of attribute requests as well. By requesting a huge number
    of attributes at the same time, an attacker can overflow the static
    buffer provided to hold the response.

CVE-2021-41229

    sdp_cstate_alloc_buf allocates memory which will always be hung in
    the singly linked list of cstates and will not be freed. This will
    cause a memory leak over time. The data can be a very large object,
    which can be caused by an attacker continuously sending sdp packets
    and this may cause the service of the target device to crash.

For Debian 9 stretch, these problems have been fixed in version
5.43-2+deb9u5.

We recommend that you upgrade your bluez packages.

For the detailed security status of bluez please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bluez

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to follow or act on information
or advice contained in this security bulletin is the responsibility of
each user or organisation, and should be considered in accordance with
your organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting
on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still
current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
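The remediation in DLA-2827-1 above is an upgrade of bluez to 5.43-2+deb9u5. As an added example, not part of the AusCERT or Debian bulletin, the following Python check compares an installed bluez version string against that fixed version using dpkg's version-ordering rules (epoch, upstream, Debian revision, with '~' sorting before everything else), so it can be run offline against constructed sample inputs; the dpkg-query lookup assumes a Debian host and is only used when you call it.

```python
import re
import subprocess
from itertools import zip_longest

FIXED_VERSION = "5.43-2+deb9u5"  # stretch fix version named in DLA-2827-1

def _order(c):
    """dpkg character weight: '~' < end-of-string < letters < other symbols."""
    if c == "" or c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return -1 if c == "~" else ord(c) + 256

def _cmp_fragment(a, b):
    """Compare an upstream or revision string: alternate weighted non-digit runs and numeric runs."""
    ta = re.findall(r"(\D*)(\d*)", a)
    tb = re.findall(r"(\D*)(\d*)", b)
    for (sa, da), (sb, db) in zip_longest(ta, tb, fillvalue=("", "")):
        for ca, cb in zip_longest(sa, sb, fillvalue=""):
            if _order(ca) != _order(cb):
                return _order(ca) - _order(cb)
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
    return 0

def _split(version):
    """'[epoch:]upstream[-revision]' -> (epoch, upstream, revision)."""
    head, sep, tail = version.partition(":")
    epoch, rest = (int(head), tail) if sep else (0, version)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return epoch, upstream, revision

def compare_versions(a, b):
    """Return -1, 0 or 1 using the ordering of `dpkg --compare-versions`."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    r = (ea - eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)
    return (r > 0) - (r < 0)

def bluez_is_fixed(installed):
    """True when the installed bluez is at or beyond the DLA-2827-1 fix version."""
    return compare_versions(installed, FIXED_VERSION) >= 0

def installed_bluez_version():
    """Read the installed version from dpkg (assumes a Debian host; not run offline)."""
    out = subprocess.run(["dpkg-query", "-W", "--showformat=${Version}", "bluez"],
                         capture_output=True, text=True, check=True)
    return out.stdout.strip()
```

Backport-style suffixes such as `~bpo9+1` sort below the plain fixed version, so a host carrying one is reported as not yet fixed.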