Ubuntu has issued an advisory today (February 8): https://ubuntu.com/security/notices/USN-5275-1 The issue is fixed upstream in 5.63.
Status comment: (none) => Fixed upstream in 5.63CC: (none) => nicolas.salgueroWhiteboard: (none) => MGA8TOO
Suggested advisory: ======================== The updated packages fix a security vulnerability: Ziming Zhang discovered that BlueZ incorrectly handled memory write operations in its gatt server. A remote attacker could possibly use this to cause BlueZ to crash leading to a denial of service, or potentially remotely execute code. (CVE-2022-0204) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0204 https://ubuntu.com/security/notices/USN-5275-1 ======================== Updated packages in core/updates_testing: ======================== bluez-hid2hci-5.55-3.4.mga8 bluez-cups-5.55-3.4.mga8 lib(64)bluez3-5.55-3.4.mga8 lib(64)bluez-devel-5.55-3.4.mga8 bluez-mesh-5.55-3.4.mga8 bluez-5.55-3.4.mga8 from SRPM: bluez-5.55-3.4.mga8.src.rpm
Status comment: Fixed upstream in 5.63 => (none)CVE: (none) => CVE-2022-0204Status: NEW => ASSIGNEDWhiteboard: MGA8TOO => (none)Assignee: bugsquad => qa-bugs
MGA8-64 Plasma on Lenovo B50 in Dutch. No installation issues Ref bug 25969, connecting to my own Nokia 1 smartphonegets setup OK, bt fle transfer is not possible. Tried the sam exerciseto my wife's Galaxy A 12, and file transfer works OK. Good enough for me.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Validating. Advisory in Comment 1.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0058.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED