Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. (CVE-2022-0204)
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "libbluetooth3": "5.37-0ubuntu5.3+esm2", "bluez-dbgsym": "5.37-0ubuntu5.3+esm2", "bluez-hcidump": "5.37-0ubuntu5.3+esm2", "bluez-hcidump-dbgsym": "5.37-0ubuntu5.3+esm2", "bluez-obexd-dbgsym": "5.37-0ubuntu5.3+esm2", "bluez-cups-dbgsym": "5.37-0ubuntu5.3+esm2", "bluez-dbg": "5.37-0ubuntu5.3+esm2", "libbluetooth-dev": "5.37-0ubuntu5.3+esm2", "bluetooth": "5.37-0ubuntu5.3+esm2", "libbluetooth3-dbgsym": "5.37-0ubuntu5.3+esm2", "bluez-tests-dbgsym": "5.37-0ubuntu5.3+esm2", "bluez-cups": "5.37-0ubuntu5.3+esm2", "bluez-tests": "5.37-0ubuntu5.3+esm2", "libbluetooth-dev-dbgsym": "5.37-0ubuntu5.3+esm2", "libbluetooth3-dbg": "5.37-0ubuntu5.3+esm2", "bluez": "5.37-0ubuntu5.3+esm2", "bluez-obexd": "5.37-0ubuntu5.3+esm2" } ] }
{ "availability": "No subscription required", "binaries": [ { "libbluetooth3": "5.48-0ubuntu3.8", "bluetooth": "5.48-0ubuntu3.8", "bluez-hcidump": "5.48-0ubuntu3.8", "bluez-cups": "5.48-0ubuntu3.8", "bluez-tests": "5.48-0ubuntu3.8", "libbluetooth3-dbg": "5.48-0ubuntu3.8", "bluez-dbg": "5.48-0ubuntu3.8", "libbluetooth-dev": "5.48-0ubuntu3.8", "bluez": "5.48-0ubuntu3.8", "bluez-obexd": "5.48-0ubuntu3.8" } ] }
{ "availability": "No subscription required", "binaries": [ { "libbluetooth3": "5.53-0ubuntu3.5", "bluetooth": "5.53-0ubuntu3.5", "bluez-hcidump": "5.53-0ubuntu3.5", "bluez-cups": "5.53-0ubuntu3.5", "bluez-tests": "5.53-0ubuntu3.5", "libbluetooth3-dbg": "5.53-0ubuntu3.5", "bluez-dbg": "5.53-0ubuntu3.5", "libbluetooth-dev": "5.53-0ubuntu3.5", "bluez": "5.53-0ubuntu3.5", "bluez-obexd": "5.53-0ubuntu3.5" } ] }