MDVSA-2008:145 -- Mandriva bluezID: oval:org.secpod.oval:def:301540 | Date: (C)2012-01-07 (M)2024-02-19 |
Class: PATCH | Family: unix |
An input validation flaw was found in the Bluetooth Session Description Protocol packet parser used in the Bluez bluetooth utilities. A bluetooth device with an already-trusted relationship, or a local user registering a service record via a UNIX socket or D-Bus interface, could cause a crash and potentially execute arbitrary code with the privileges of the hcid daemon . The updated packages have been patched to correct this issue.
Platform: |
Mandriva Linux 2007.1 |
Mandriva Linux 2008.1 |
Mandriva Linux 2008.0 |