Download
| Alert*
oval:org.secpod.oval:def:89049764
This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function oval:org.secpod.oval:def:2001179 In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter. oval:org.secpod.oval:def:89002351 This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fixed a buffer overflow in the pin_code_reply_dump function - CVE-2016-9801: Fixed a buffer overflow in the set_ext_ctrl function oval:org.secpod.oval:def:89002149 This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fix hcidump memory leak in pin_code_reply_dump . - CVE-2016-9804: Fix hcidump buffer overflow in commands_dump . - CVE-2016-7837: Fix possible buffer overflow, make sure we don"t write past the end of the array ... |