| Reporter | Title | Published | Views | Family All 183 |
|---|---|---|---|---|
| Security Bulletin: Vulnerability in BlueZ affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. | 13 Mar 202517:32 | – | ibm | |
| CVE-2023-51592 | 3 May 202403:16 | – | attackerkb | |
| CVE-2023-51596 | 3 May 202403:16 | – | attackerkb | |
| CVE-2023-44431 | 3 May 202403:15 | – | attackerkb | |
| CVE-2023-51580 | 3 May 202403:16 | – | attackerkb | |
| CVE-2023-51594 | 3 May 202403:16 | – | attackerkb | |
| CVE-2023-51589 | 3 May 202403:16 | – | attackerkb | |
| Alibaba Cloud Linux 3 : 0059: bluez (ALINUX3-SA-2025:0059) | 14 May 202500:00 | – | nessus | |
| AlmaLinux 8 : bluez (ALSA-2025:4043) | 23 Apr 202500:00 | – | nessus | |
| MiracleLinux 9 : bluez-5.72-2.el9 (AXSA:2024-9114:01) | 20 Jan 202600:00 | – | nessus |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2025-35347bf9f0
#
include('compat.inc');
if (description)
{
script_id(237949);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/06/08");
script_cve_id(
"CVE-2023-44431",
"CVE-2023-51580",
"CVE-2023-51589",
"CVE-2023-51592",
"CVE-2023-51594",
"CVE-2023-51596"
);
script_xref(name:"FEDORA", value:"2025-35347bf9f0");
script_name(english:"Fedora 42 : bluez / iwd / libell (2025-35347bf9f0)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the
FEDORA-2025-35347bf9f0 advisory.
bluez 5.80:
Fix issue with handling address type for all types of keys.
Fix issue with handling maximum number of GATT channels.
Fix issue with handling MTU auto-tuning feature.
Fix issue with handling AVRCP volume in reconfigured transports.
Fix issue with handling VCP volume setting requests.
Fix issue with handling VCP connection management.
Fix issue with handling MAP qualification.
Fix issue with handling PBAP qualification.
Fix issue with handling BNEP qualification.
Add support for PreferredBearer device property.
Add support for SupportedTypes Message Access property.
Add support for HFP, A2DP, AVRCP, AVCTP and MAP latest versions.
iwd 3.4:
Add support for the Test Anything Protocol.
libell 0.74:
Add support for NIST P-192 curve usage with ECDH.
Add support for SHA-224 based checksums and HMACs.
libell 0.73:
Fix issue with parsing hwdb.bin child structures.
libell 0.72:
Add support for the Test Anything Protocol.
Tenable has extracted the preceding description block directly from the Fedora security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2025-35347bf9f0");
script_set_attribute(attribute:"solution", value:
"Update the affected bluez, iwd and / or libell packages.");
script_set_cvss_base_vector("CVSS2#AV:A/AC:H/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-51596");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/08");
script_set_attribute(attribute:"patch_publication_date", value:"2025/03/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/06/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:42");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:bluez");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:iwd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libell");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'Fedora' >!< os_product) audit(AUDIT_OS_NOT, 'Fedora');
var os_release = get_kb_item('installed_os/local/SSH/0/release');
if (isnull(os_release)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
if (! preg(pattern:"^42([^0-9]|$)", string:os_release)) audit(AUDIT_OS_NOT, 'Fedora 42', 'Fedora ' + os_release);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);
var constraints = [
{
'release': '42',
'pkgs': [
{'reference':'bluez-5.80-1.fc42', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwd-3.4-1.fc42', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libell-0.74-1.fc42', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var flag = 0;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
var reference = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bluez / iwd / libell');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation