Debian dla-3879 : bluetooth - security update

critical Nessus Plugin ID 206762

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3879 advisory.

- ------------------------------------------------------------------------- Debian LTS Advisory DLA-3879-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 07, 2024 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : bluez Version : 5.55-3.1+deb11u2 CVE ID : CVE-2021-3658 CVE-2021-41229 CVE-2021-43400 CVE-2022-0204 CVE-2022-39176 CVE-2022-39177 CVE-2023-27349 CVE-2023-50229 CVE-2023-50230 Debian Bug : 991596 998626 1000262 1003712

Multiple vulnerabilities have been fixed in bluez library, tools and daemons for using Bluetooth devices.

CVE-2021-3658

adapter: Fix storing discoverable setting

CVE-2021-41229

Memory leak in the SDP protocol

CVE-2021-43400

Use-after-free on client disconnect

CVE-2022-0204

GATT heap overflow

CVE-2022-39176

Proximate attackers could obtain sensitive information

CVE-2022-39177

Proximate attackers could cause denial of service

CVE-2023-27349

AVRCP crash while handling unsupported events

CVE-2023-50229

Phone Book Access profile Heap-based Buffer Overflow

CVE-2023-50230

Phone Book Access profile Heap-based Buffer Overflow

For Debian 11 bullseye, these problems have been fixed in version 5.55-3.1+deb11u2.

We recommend that you upgrade your bluez packages.

For the detailed security status of bluez please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/bluez

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the bluetooth packages.

See Also

https://security-tracker.debian.org/tracker/source-package/bluez

https://security-tracker.debian.org/tracker/CVE-2021-3658

https://security-tracker.debian.org/tracker/CVE-2021-41229

https://security-tracker.debian.org/tracker/CVE-2021-43400

https://security-tracker.debian.org/tracker/CVE-2022-0204

https://security-tracker.debian.org/tracker/CVE-2022-39176

https://security-tracker.debian.org/tracker/CVE-2022-39177

https://security-tracker.debian.org/tracker/CVE-2023-27349

https://security-tracker.debian.org/tracker/CVE-2023-50229

https://security-tracker.debian.org/tracker/CVE-2023-50230

https://packages.debian.org/source/bullseye/bluez

Plugin Details

Severity: Critical

ID: 206762

File Name: debian_DLA-3879.nasl

Version: 1.1

Type: local

Agent: unix

Published: 9/7/2024

Updated: 9/7/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2021-43400

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:bluez-hcidump, cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:bluetooth, p-cpe:/a:debian:debian_linux:bluez, p-cpe:/a:debian:debian_linux:bluez-obexd, p-cpe:/a:debian:debian_linux:libbluetooth-dev, p-cpe:/a:debian:debian_linux:bluez-test-tools, p-cpe:/a:debian:debian_linux:bluez-meshd, p-cpe:/a:debian:debian_linux:bluez-test-scripts, p-cpe:/a:debian:debian_linux:bluez-source, p-cpe:/a:debian:debian_linux:libbluetooth3, p-cpe:/a:debian:debian_linux:bluez-cups

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/7/2024

Vulnerability Publication Date: 11/4/2021

Reference Information

CVE: CVE-2021-3658, CVE-2021-41229, CVE-2021-43400, CVE-2022-0204, CVE-2022-39176, CVE-2022-39177, CVE-2023-27349, CVE-2023-50229, CVE-2023-50230