USN-4605-1: Blueman vulnerability
27 October 2020
Blueman could be made to run programs if it received specially crafted input.
- blueman - Graphical bluetooth manager
Vaisha Bernard discovered that blueman did not properly sanitize input on
the d-bus interface to blueman-mechanism. A local attacker could possibly
use this issue to escalate privileges and run arbitrary code or cause a
denial of service. (CVE-2020-15238)
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.