Bugzilla – Bug 1192760
VUL-1: CVE-2021-41229: bluez: memory leak in the SDP protocol handling
Last modified: 2024-07-03 13:41:51 UTC
CVE-2021-41229

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp packets and this may cause the service of the target device to crash.

Upstream commit:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e79417ed7185b150a056d4eb3a1ab528b91d2fc0

Vulnerable commit:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=d939483328489fb835bb425d36f7c7c73d52c388

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41229
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41229
https://github.com/bluez/bluez/security/advisories/GHSA-3fqg-r8j5-f5xq
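A simplified model of the leak pattern the description outlines, with one way to bound it, follows as an added example; it is not BlueZ code and not the upstream patch. The function cstate_alloc_buf is a stand-in for sdp_cstate_alloc_buf, and the sock field, cstate_cleanup, cached_bytes and the 512-byte sample response are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model (not BlueZ code): cached partial responses per client. */
struct cstate {
    int sock;                 /* owning connection (assumed field) */
    uint8_t *buf; size_t len; /* data kept for a continuation request */
    struct cstate *next;
};
static struct cstate *cstates; /* head of the singly linked cache */
static size_t cached_bytes;    /* bytes currently held by the cache */

/* Leaky pattern: each call links a new buffer and nothing unlinks it. */
static int cstate_alloc_buf(int sock, const uint8_t *data, size_t len)
{
    struct cstate *cs = calloc(1, sizeof(*cs));
    if (!cs || !(cs->buf = malloc(len))) { free(cs); return -1; }
    memcpy(cs->buf, data, len);
    cs->sock = sock; cs->len = len;
    cs->next = cstates; cstates = cs;
    cached_bytes += len;
    return 0;
}

/* Mitigation: on disconnect, unlink and free every entry owned by sock. */
static size_t cstate_cleanup(int sock)
{
    size_t freed = 0;
    for (struct cstate **pp = &cstates; *pp; ) {
        struct cstate *cs = *pp;
        if (cs->sock != sock) { pp = &cs->next; continue; }
        *pp = cs->next;
        freed += cs->len; cached_bytes -= cs->len;
        free(cs->buf); free(cs);
    }
    return freed;
}

int main(void)
{
    uint8_t rsp[512] = {0}; /* constructed sample response */
    for (int i = 0; i < 100; i++) cstate_alloc_buf(3, rsp, sizeof(rsp));
    printf("held before disconnect: %zu\n", cached_bytes);
    printf("freed on disconnect: %zu\n", cstate_cleanup(3));
    return 0;
}
```

Without the cleanup call, the bytes held grow with every request for the lifetime of the daemon, which is the growth the description warns about.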
The last version at this date is 5.62, and does not contain the fixing commit.

Affected codestreams:
- SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
- SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
- SUSE:SLE-11-SP4:Update 4.99
- SUSE:SLE-12-SP2:Update 5.13-5.23.1
- SUSE:SLE-15:Update 5.48
- SUSE:SLE-15-SP2:Update 5.48-13.3.1
- SUSE:SLE-15-SP3:Update 5.55-3.3.1
- openSUSE:Factory 5.62
- openSUSE:Leap:15.2:Update 5.48
I don't think the kernel is impacted. Al, can you confirm that please?
SUSE:SLE-15-SP4:Update (v5.62) is also affected.
(In reply to Thomas Leroy from comment #1)
> The last version at this date is 5.62, and does not contain the fixing
> commit.
>
> Affected codestreams:
> - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> - SUSE:SLE-11-SP4:Update 4.99
> - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> - SUSE:SLE-15:Update 5.48
> - SUSE:SLE-15-SP2:Update 5.48-13.3.1
> - SUSE:SLE-15-SP3:Update 5.55-3.3.1
> - openSUSE:Factory 5.62
> - openSUSE:Leap:15.2:Update 5.48

Fixing patch:

commit e79417ed7185b150a056d4eb3a1ab528b91d2fc0 [5.63~39]
Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: Thu Jul 15 11:01:20 2021 -0700

sdpd: Fix leaking buffers stored in cstates cache

Update status:

- SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
- SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
- SUSE:SLE-11-SP4:Update 4.99
- SUSE:SLE-12-SP2:Update 5.13-5.23.1
- SUSE:SLE-15:Update 5.48 [sent, sr#304363]
- SUSE:SLE-15-SP2:Update 5.48-13.3.1 [sent, sr#304361]
- SUSE:SLE-15-SP3:Update 5.55-3.3.1 [sent, sr#304360]
- SUSE:SLE-15-SP4:Update 5.62 [sent, sr#304355]
- SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
- openSUSE:Factory 5.66 [included e79417ed]
- openSUSE:Leap:15.2:Update 5.48
SUSE-SU-2023:3240-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1192760
CVE References: CVE-2021-41229
Sources used:
SUSE Manager Proxy 4.2 (src): bluez-5.55-150300.3.25.1
SUSE Manager Retail Branch Server 4.2 (src): bluez-5.55-150300.3.25.1
SUSE Manager Server 4.2 (src): bluez-5.55-150300.3.25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:3238-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1192760
CVE References: CVE-2021-41229
Sources used:
openSUSE Leap 15.4 (src): bluez-5.62-150400.4.16.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): bluez-5.62-150400.4.16.1
SUSE Linux Enterprise Micro 5.3 (src): bluez-5.62-150400.4.16.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): bluez-5.62-150400.4.16.1
SUSE Linux Enterprise Micro 5.4 (src): bluez-5.62-150400.4.16.1
Basesystem Module 15-SP4 (src): bluez-5.62-150400.4.16.1
Desktop Applications Module 15-SP4 (src): bluez-5.62-150400.4.16.1
SUSE Linux Enterprise Workstation Extension 15 SP4 (src): bluez-5.62-150400.4.16.1
openSUSE Leap Micro 5.3 (src): bluez-5.62-150400.4.16.1
openSUSE Leap Micro 5.4 (src): bluez-5.62-150400.4.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
(In reply to Joey Lee from comment #5)
> (In reply to Thomas Leroy from comment #1)
> > The last version at this date is 5.62, and does not contain the fixing
> > commit.
> >
> > Affected codestreams:
> > - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> > - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> > - SUSE:SLE-11-SP4:Update 4.99
> > - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> > - SUSE:SLE-15:Update 5.48
> > - SUSE:SLE-15-SP2:Update 5.48-13.3.1
> > - SUSE:SLE-15-SP3:Update 5.55-3.3.1
> > - openSUSE:Factory 5.62
> > - openSUSE:Leap:15.2:Update 5.48
>
> Fixing patch:
>
> commit e79417ed7185b150a056d4eb3a1ab528b91d2fc0 [5.63~39]
> Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
> Date: Thu Jul 15 11:01:20 2021 -0700
>
> sdpd: Fix leaking buffers stored in cstates cache
>
> Update status:
>
> - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> - SUSE:SLE-11-SP4:Update 4.99
> - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> - SUSE:SLE-15:Update 5.48 [sent, sr#304363]
> - SUSE:SLE-15-SP2:Update 5.48-13.3.1 [sent, sr#304361]
> - SUSE:SLE-15-SP3:Update 5.55-3.3.1 [sent, sr#304360]
> - SUSE:SLE-15-SP4:Update 5.62 [sent, sr#304355]
> - SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
> - openSUSE:Factory 5.66 [included e79417ed]
> - openSUSE:Leap:15.2:Update 5.48

Update status:

- SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
- SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
- SUSE:SLE-11-SP4:Update 4.99
- SUSE:SLE-12-SP2:Update 5.13-5.23.1
- SUSE:SLE-15:Update 5.48 [DONE]
- SUSE:SLE-15-SP2:Update 5.48-13.3.1 [DONE]
- SUSE:SLE-15-SP3:Update 5.55-3.3.1 [DONE]
- SUSE:SLE-15-SP4:Update 5.62 [DONE]
- SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
- openSUSE:Factory 5.66 [included e79417ed]
- openSUSE:Leap:15.2:Update 5.48
(In reply to Joey Lee from comment #9)
> (In reply to Joey Lee from comment #5)
> > (In reply to Thomas Leroy from comment #1)
> > > The last version at this date is 5.62, and does not contain the fixing
> > > commit.
> > >
> > > Affected codestreams:
> > > - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> > > - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> > > - SUSE:SLE-11-SP4:Update 4.99
> > > - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> > > - SUSE:SLE-15:Update 5.48
> > > - SUSE:SLE-15-SP2:Update 5.48-13.3.1
> > > - SUSE:SLE-15-SP3:Update 5.55-3.3.1
> > > - openSUSE:Factory 5.62
> > > - openSUSE:Leap:15.2:Update 5.48
> >
> > Fixing patch:
> >
> > commit e79417ed7185b150a056d4eb3a1ab528b91d2fc0 [5.63~39]
> > Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
> > Date: Thu Jul 15 11:01:20 2021 -0700
> >
> > sdpd: Fix leaking buffers stored in cstates cache
> >
> > Update status:
> >
> > - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> > - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> > - SUSE:SLE-11-SP4:Update 4.99
> > - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> > - SUSE:SLE-15:Update 5.48 [sent, sr#304363]
> > - SUSE:SLE-15-SP2:Update 5.48-13.3.1 [sent, sr#304361]
> > - SUSE:SLE-15-SP3:Update 5.55-3.3.1 [sent, sr#304360]
> > - SUSE:SLE-15-SP4:Update 5.62 [sent, sr#304355]
> > - SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
> > - openSUSE:Factory 5.66 [included e79417ed]
> > - openSUSE:Leap:15.2:Update 5.48
>
> Update status:
>
> - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> - SUSE:SLE-11-SP4:Update 4.99
> - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> - SUSE:SLE-15:Update 5.48 [DONE]
> - SUSE:SLE-15-SP2:Update 5.48-13.3.1 [DONE]
> - SUSE:SLE-15-SP3:Update 5.55-3.3.1 [DONE]
> - SUSE:SLE-15-SP4:Update 5.62 [DONE]
> - SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
> - openSUSE:Factory 5.66 [included e79417ed]
> - openSUSE:Leap:15.2:Update 5.48

Update status:

- SUSE:SLE-11-SP1:Update 4.51-1.5.3.1 [EoL]
- SUSE:SLE-11-SP3:Update 4.99-0.9.3.1 [sent, sr#305971]
- SUSE:SLE-11-SP4:Update 4.99 [EoL]
- SUSE:SLE-12-SP2:Update 5.13-5.23.1 [sent, sr#305951]
- SUSE:SLE-15:Update 5.48 [DONE]
- SUSE:SLE-15-SP2:Update 5.48-13.3.1 [DONE]
- SUSE:SLE-15-SP3:Update 5.55-3.3.1 [DONE]
- SUSE:SLE-15-SP4:Update 5.62 [DONE]
- SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
- openSUSE:Factory 5.66 [included e79417ed]
- openSUSE:Leap:15.2:Update 5.48 [EoL]
(In reply to Joey Lee from comment #12)
> (In reply to Joey Lee from comment #9)
> > (In reply to Joey Lee from comment #5)
> > > (In reply to Thomas Leroy from comment #1)
> > > > The last version at this date is 5.62, and does not contain the fixing
> > > > commit.
> > > >
> > > > Affected codestreams:
> > > > - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> > > > - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> > > > - SUSE:SLE-11-SP4:Update 4.99
> > > > - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> > > > - SUSE:SLE-15:Update 5.48
> > > > - SUSE:SLE-15-SP2:Update 5.48-13.3.1
> > > > - SUSE:SLE-15-SP3:Update 5.55-3.3.1
> > > > - openSUSE:Factory 5.62
> > > > - openSUSE:Leap:15.2:Update 5.48
> > >
> > > Fixing patch:
> > >
> > > commit e79417ed7185b150a056d4eb3a1ab528b91d2fc0 [5.63~39]
> > > Author: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
> > > Date: Thu Jul 15 11:01:20 2021 -0700
> > >
> > > sdpd: Fix leaking buffers stored in cstates cache
> > >
> > > Update status:
> > >
> > > - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> > > - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> > > - SUSE:SLE-11-SP4:Update 4.99
> > > - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> > > - SUSE:SLE-15:Update 5.48 [sent, sr#304363]
> > > - SUSE:SLE-15-SP2:Update 5.48-13.3.1 [sent, sr#304361]
> > > - SUSE:SLE-15-SP3:Update 5.55-3.3.1 [sent, sr#304360]
> > > - SUSE:SLE-15-SP4:Update 5.62 [sent, sr#304355]
> > > - SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
> > > - openSUSE:Factory 5.66 [included e79417ed]
> > > - openSUSE:Leap:15.2:Update 5.48
> >
> > Update status:
> >
> > - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1
> > - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1
> > - SUSE:SLE-11-SP4:Update 4.99
> > - SUSE:SLE-12-SP2:Update 5.13-5.23.1
> > - SUSE:SLE-15:Update 5.48 [DONE]
> > - SUSE:SLE-15-SP2:Update 5.48-13.3.1 [DONE]
> > - SUSE:SLE-15-SP3:Update 5.55-3.3.1 [DONE]
> > - SUSE:SLE-15-SP4:Update 5.62 [DONE]
> > - SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
> > - openSUSE:Factory 5.66 [included e79417ed]
> > - openSUSE:Leap:15.2:Update 5.48
>
> Update status:
>
> - SUSE:SLE-11-SP1:Update 4.51-1.5.3.1 [EoL]
> - SUSE:SLE-11-SP3:Update 4.99-0.9.3.1 [sent, sr#305971]
> - SUSE:SLE-11-SP4:Update 4.99 [EoL]
> - SUSE:SLE-12-SP2:Update 5.13-5.23.1 [sent, sr#305951]
> - SUSE:SLE-15:Update 5.48 [DONE]
> - SUSE:SLE-15-SP2:Update 5.48-13.3.1 [DONE]
> - SUSE:SLE-15-SP3:Update 5.55-3.3.1 [DONE]
> - SUSE:SLE-15-SP4:Update 5.62 [DONE]
> - SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
> - openSUSE:Factory 5.66 [included e79417ed]
> - openSUSE:Leap:15.2:Update 5.48 [EoL]

Update status:

- SUSE:SLE-11-SP1:Update 4.51-1.5.3.1 [EoL]
- SUSE:SLE-11-SP3:Update 4.99-0.9.3.1 [DONE]
- SUSE:SLE-11-SP4:Update 4.99 [EoL]
- SUSE:SLE-12-SP2:Update 5.13-5.23.1 [DONE]
- SUSE:SLE-15:Update 5.48 [DONE]
- SUSE:SLE-15-SP2:Update 5.48-13.3.1 [DONE]
- SUSE:SLE-15-SP3:Update 5.55-3.3.1 [DONE]
- SUSE:SLE-15-SP4:Update 5.62 [DONE]
- SUSE:SLE-15-SP5:GA 5.65 [included e79417ed]
- openSUSE:Factory 5.66 [included e79417ed]
- openSUSE:Leap:15.2:Update 5.48 [EoL]

Reset assigner.
SUSE-SU-2023:3689-1: An update that solves one vulnerability can now be installed.

Category: security (moderate)
Bug References: 1192760
CVE References: CVE-2021-41229
Sources used:
SUSE Linux Enterprise Software Development Kit 12 SP5 (src): bluez-5.13-5.42.2
SUSE Linux Enterprise Server 12 SP5 (src): bluez-5.13-5.42.2
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): bluez-5.13-5.42.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): bluez-5.13-5.42.2
SUSE Linux Enterprise Workstation Extension 12 12-SP5 (src): bluez-5.13-5.42.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0167-1: An update that solves three vulnerabilities can now be installed.

Category: security (important)
Bug References: 1192760, 1218300, 1218301
CVE References: CVE-2021-41229, CVE-2023-50229, CVE-2023-50230
Sources used:
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): bluez-5.48-150200.13.30.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): bluez-5.48-150200.13.30.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): bluez-5.48-150200.13.30.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0166-1: An update that solves three vulnerabilities can now be installed.

Category: security (important)
Bug References: 1192760, 1218300, 1218301
CVE References: CVE-2021-41229, CVE-2023-50229, CVE-2023-50230
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): bluez-5.48-150000.5.54.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): bluez-5.48-150000.5.54.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): bluez-5.48-150000.5.54.1
SUSE CaaS Platform 4.0 (src): bluez-5.48-150000.5.54.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
All done, closing.