Headline
Ubuntu Security Notice USN-5481-1
Ubuntu Security Notice 5481-1 - It was discovered that BlueZ incorrectly validated certain capabilities and lengths when handling the A2DP profile. A remote attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code.
==========================================================================Ubuntu Security Notice USN-5481-1June 15, 2022bluez vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:Several security issues were fixed in BlueZ.Software Description:- bluez: Bluetooth tools and daemonsDetails:It was discovered that BlueZ incorrectly validated certain capabilitiesand lengths when handling the A2DP profile. A remote attacker could usethis issue to cause BlueZ to crash, resulting in a denial of service, orpossibly execute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS: bluez 5.53-0ubuntu3.6 libbluetooth3 5.53-0ubuntu3.6Ubuntu 18.04 LTS: bluez 5.48-0ubuntu3.9 libbluetooth3 5.48-0ubuntu3.9In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-5481-1 https://launchpad.net/bugs/1977968Package Information: https://launchpad.net/ubuntu/+source/bluez/5.53-0ubuntu3.6 https://launchpad.net/ubuntu/+source/bluez/5.48-0ubuntu3.9