283 matches found
SUSE-SU-2020:3491-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel Azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-25656: Fixed a concurrency use-after-free in vtdokdgkbioctl bnc1177766. - CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers i...
OPENSUSE-SU-2020:1962-1 Security update for kernel-firmware
This update for kernel-firmware fixes the following issue: - CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs bsc1178671. This update was imported from the SUSE:SLE-15-SP1:Update update project...
[SECURITY] Fedora 32 Update: blueman-2.1.4-1.fc32
Blueman is a tool to use Bluetooth devices. It is designed to provide simpl e, yet effective means for controlling BlueZ API and simplifying bluetooth tas ks such as: - Connecting to 3G/EDGE/GPRS via dial-up - Connecting to/Creating bluetooth networks - Connecting to input devices - Connecting to...
LSN-0073-1 Kernel Live Patch Security Notice
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...
MGASA-2020-0392 Updated kernel packages fix security vulnerabilities
A flaw was found in the way the Linux kernel Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in adjacent range could use this flaw to crash the system causing denial of service or potentially execute arbitrary code on the system by sending a specially crafted L2CAP...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Input validation
An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:1236-1 Rating: important References: 1065600 1065729 1120163 1133021 1149032 1152472 1152489 1153274 1154353 1154488 1155518 1155798 1165933 1167773 1168959 1169771 1171857 1171988 1172197 1172201...
bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication...
A Dozen Vulnerabilities Affect Millions of Bluetooth LE Powered Devices
A team of cybersecurity researchers late last week disclosed the existence of 12 potentially severe security vulnerabilities, collectively named 'SweynTooth,' affecting millions of Bluetooth-enabled wireless smart devices worldwide—and worryingly, a few of which haven't yet been patched. All...
CVE-2019-19194
The Bluetooth Low Energy Secure Manager Protocol SMP implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key LTK if an out-of-order link-layer encryption request...
hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3200-1)
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-19081: Fixed a memory leak in the nfpflowerspawnvnicreprs could have allowed attackers to cause a denial of service bsc1157045. CVE-2019-19080: Fixed fou...
The snooping girl on a train, again. How to compromise a business
So, I’m on a train, again, sat at a four-seat table, next to two men facing each other. From their conversation and interactions I’ve concluded that they are colleagues. The chap to my left is clearly working on implementation plans for a building management system, for a company I know yeah, I g...
SUSE-SU-2019:2710-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-18595: A double free may be caused by the function allocatetracebuffer in the file kernel/trace/trace.c bnc1149555. - CVE-2019-14821: An out-of-bounds...
SUSE-SU-2019:2706-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-15291: There was a NULL pointer dereference, caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c...
August 13, 2019—KB4512517 (OS Build 14393.3144)
August 13, 2019—KB4512517 OS Build 14393.3144 Reminder: The additional servicing for Windows 10 Enterprise, Education, and IoT Enterprise editions ended on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the...
Code injection
Nespresso Prodigio devices lack Bluetooth connection security...
On the IoT road: perks, benefits and security of moving smartly
Kaspersky has repeatedly investigated security issues related to IoT technologies for instance, here, or here. Earlier this year our experts have even gained foothold in the security of biomechanical prosthetic devices. The same implies to smart car security: our own research has indicated that...
June 11, 2019—KB4503293 (OS Build 18362.175)
June 11, 2019—KB4503293 OS Build 18362.175 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Notes: This release also contains updates for Microsoft HoloLens OS Build 18362.1020 released June 11, 2019. Microsoft will release an update...