Overview

File _patchinfo of Package patchinfo.27440

<patchinfo incident="27440">
  <issue tracker="bnc" id="1203120">VUL-0: CVE-2022-39177: bluez: incorrect capability parsing in AVCTP allows physically approximate attackers to cause a denial of service</issue>
  <issue tracker="bnc" id="1203121">VUL-0: CVE-2022-39176: bluez: improper parameter length verification in AVRCP could allow physically proximate attackers to obtain sensitive information</issue>
  <issue tracker="cve" id="2022-39177"/>
  <issue tracker="cve" id="2022-39176"/>
  <packager>joeyli</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bluez</summary>
  <description>This update for bluez fixes the following issues:

- CVE-2022-39176: Fixed a memory safety issue that could allow
  physically proximate attackers to obtain sensitive information
  (bsc#1203121).
- CVE-2022-39177: Fixed a memory safety issue that could allow
  physically proximate attackers to cause a denial of service
  (bsc#1203120).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places