Bug 1204627 (CVE-2022-3637) - VUL-0: CVE-2022-3637: bluez: crash when using RTT backend
Status: RESOLVED FIXED
Alias: CVE-2022-3637
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority: P3 - Medium, Severity: Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/345994/
Reported: 2022-10-24 08:17 UTC by Thomas Leroy
Modified: 2024-05-03 09:00 UTC
Found By: Security Response Team

Description Thomas Leroy 2022-10-24 08:17:57 UTC
CVE-2022-3637

A vulnerability has been found in Linux Kernel and classified as problematic.
This vulnerability affects the function jlink_init of the file monitor/jlink.c
of the component BlueZ. The manipulation leads to denial of service. It is
recommended to apply a patch to fix this issue. The identifier of this
vulnerability is VDB-211936.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3637
https://www.cve.org/CVERecord?id=CVE-2022-3637
http://www.cvedetails.com/cve/CVE-2022-3637/
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f
https://vuldb.com/?id.211936
Comment 1 Thomas Leroy 2022-10-24 08:19:25 UTC
The bug was introduced in v5.65 in this commit [0].
Only openSUSE:Factory is affected.

[0] https://github.com/bluez/bluez/commit/6f02010ce0043ec2e17eb15f2a1dd42f6c64e223
Comment 2 Joey Lee 2023-03-30 06:27:05 UTC
(In reply to Thomas Leroy from comment #1)
> The bug was introduced in v5.65 in this commit [0].
> Only openSUSE:Factory is affected.
> 
> [0] https://github.com/bluez/bluez/commit/6f02010ce0043ec2e17eb15f2a1dd42f6c64e223

The bluez in Factory is updated to 5.66. But we pushed bluez 5.65 to 15-SP5. I will backport the fix to 15-SP5/bluez.
Comment 3 Joey Lee 2023-03-30 06:41:21 UTC
(In reply to Thomas Leroy from comment #0)
> CVE-2022-3637
> 
> A vulnerability has been found in Linux Kernel and classified as problematic.
> This vulnerability affects the function jlink_init of the file monitor/jlink.c
> of the component BlueZ. The manipulation leads to denial of service. It is
> recommended to apply a patch to fix this issue. The identifier of this
> vulnerability is VDB-211936.
> 
> References:
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3637
> https://www.cve.org/CVERecord?id=CVE-2022-3637
> http://www.cvedetails.com/cve/CVE-2022-3637/
> https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=1d6cfb8e625a944010956714c1802bc1e1fc6c4f

Hm... Actually, the fixing patch 1d6cfb8e625a944010956714c1802bc1e1fc6c4f is also in bluez-5.65. I have checked and confirmed that the change is in the bluez 5.65 in 15-SP5. So we don't need to backport it.

Other Leap/SLE/Factory are not affected. Reset assigner.
Comment 4 Robert Frohl 2024-05-03 09:00:10 UTC
done, closing