Bug 29323 - bluez new security issue CVE-2021-3658
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2021-08-02 17:02 CEST by David Walser
Modified: 2021-08-06 11:35 CEST

See Also:
Source RPM: bluez-5.55-3.1.mga8.src.rpm
CVE: CVE-2021-3658
Status comment:


Description David Walser 2021-08-02 17:02:14 CEST
Fedora has issued an advisory today (August 2):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TWHARMQLSFEQB4QZ3AQNN4HCL3HCRAVH/

Mageia 8 is also affected.
David Walser 2021-08-02 17:02:54 CEST

Whiteboard: (none) => MGA8TOO
CC: (none) => nicolas.salguero
Status comment: (none) => Patch available from Fedora and upstream

Comment 1 Nicolas Salguero 2021-08-02 17:39:45 CEST
Suggested advisory:
========================

The updated packages fix a security vulnerability:

Adapter incorrectly restores Discoverable state after powered down. (CVE-2021-3658)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3658
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TWHARMQLSFEQB4QZ3AQNN4HCL3HCRAVH/
========================

Updated packages in core/updates_testing:
========================
bluez-hid2hci-5.55-3.2.mga8
bluez-cups-5.55-3.2.mga8
lib(64)bluez3-5.55-3.2.mga8
lib(64)bluez-devel-5.55-3.2.mga8
bluez-mesh-5.55-3.2.mga8
bluez-5.55-3.2.mga8

from SRPM:
bluez-5.55-3.2.mga8.src.rpm

Source RPM: bluez-5.59-2.mga9.src.rpm => bluez-5.55-3.1.mga8.src.rpm
Status: NEW => ASSIGNED
Status comment: Patch available from Fedora and upstream => (none)
Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8
Assignee: bugsquad => qa-bugs
CVE: (none) => CVE-2021-3658

Comment 2 Len Lawrence 2021-08-03 16:16:41 CEST
Could not see the fault here before updating.

$ rpm -q bluez
bluez-5.55-3.1.mga8
Turned off bluetooth via the panel icon.
$ bluetoothctl
[bluetooth]# list
Controller 00:02:72:C6:B6:63 canopus [default]
<switched on bluetooth via panel>
[CHG] Controller 00:02:72:C6:B6:63 Class: 0x001c0104
[CHG] Controller 00:02:72:C6:B6:63 Powered: yes
[bluetooth]# list
Controller 00:02:72:C6:B6:63 canopus [default]
[bluetooth]# discoverable on
Changing discoverable on succeeded
[bluetooth]# power off
Changing power off succeeded
[CHG] Controller 00:02:72:C6:B6:63 Powered: no
[CHG] Controller 00:02:72:C6:B6:63 Discovering: no
[CHG] Controller 00:02:72:C6:B6:63 Class: 0x00000000
[bluetooth]# quit

Switched bluetooth off.  Bluetooth service still running.
$ rfkill
ID TYPE      DEVICE    SOFT      HARD
 0 bluetooth hci0   blocked unblocked

Updated the packages.
Bluetooth enabled automatically.  All three audio devices listed as before.
$ bluetoothctl
Agent registered
[bluetooth]# list
Controller 00:02:72:C6:B6:63 canopus [default]
<switched on bluetooth audio speaker>
[CHG] Device 00:0C:8A:9D:21:C3 Connected: yes
[Bose Mini SoundLink]# exit

Connected to portable HP Officejet printer and sent a couple of pages from LibreOffice.

Working fine here.

CC: (none) => tarazed25
Whiteboard: (none) => MGA8-64-OK

Comment 3 Brian Rockwell 2021-08-05 19:50:55 CEST
installed and rebooted system

working fine

CC: (none) => brtians1

Comment 4 Thomas Andrews 2021-08-06 03:11:29 CEST
Validating. Advisory in Comment 1.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Thomas Backlund 2021-08-06 11:05:11 CEST

Keywords: (none) => advisory

Comment 5 Mageia Robot 2021-08-06 11:35:23 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0395.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

