USN-4605-2: Blueman update

  • Thread starter Ubuntu security notices
  • Start date
U

Ubuntu security notices

Guest
Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. (CVE-2020-15238) While a previous security update fixed the issue, this update provides additional improvements by enabling PolicyKit authentication for privileged commands.

Continue reading...
 
Top