Astra Linux – Vulnerability in bluez

Bluetooth HID Hosts in BlueZ may allow an unauthenticated peripheral role HID device to initiate and establish an encrypted connection, and to accept HID keyboard reports. This could potentially allow the injection of HID messages when no user interaction has occurred in the Central role, thereby...

TencentOS Server 4: bluez (TSSA-2024:0357)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0357 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

NewStart CGSL MAIN 7.02 : bluez Vulnerability (NS-SA-2025-0149)

The remote NewStart CGSL host, running version MAIN 7.02, has bluez packages installed that are affected by a vulnerability: - Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports,...

Amazon Linux 2 : bluez (ALAS-2024-2386)

The version of bluez installed on the remote host is prior to 5.44-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2386 advisory. bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 Tenable has...

Debian DSA-5584-1 : bluez - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5584 advisory. It was reported that the BlueZ's HID profile implementation is not inline with the HID specification which mandates the use of Security Mode 4. The HID profile...

Slackware Linux 15.0 / current bluez Vulnerability (SSA:2023-348-01)

The version of bluez installed on the remote host is prior to 5.71. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-348-01 advisory. - Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connectio...

AZL-32161 CVE-2023-45866 affecting package bluez for versions less than 5.63-5

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...

AZL-34571 CVE-2023-45866 affecting package bluez for versions less than 5.63-6

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...

Fedora 39 : bluez (2023-6a3fe615d3)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-6a3fe615d3 advisory. Install default input.conf/network.conf Add mitigation for CVE-2023-45866 Tenable has extracted the preceding description block directly from the Fedora...

CVE-2023-45866

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such...