[Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-8805

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Oct 20 15:28:31 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
35e6ce14 by Salvatore Bonaccorso at 2024-10-20T16:28:00+02:00
Update information for CVE-2024-8805

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5356,13 +5356,10 @@ CVE-2022-49038 (Inclusion of functionality from untrusted control sphere vulnera
 	NOT-FOR-US: Synology
 CVE-2022-49037 (Insertion of sensitive information into log file vulnerability in prox ...)
 	NOT-FOR-US: Synology
-CVE-2024-8805 [BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability]
-	- bluez <unfixed> (bug #1082849)
-	[bookworm] - bluez <no-dsa> (Minor issue)
-	[bullseye] - bluez <postponed> (Minor issue; can be fixed in next update)
+CVE-2024-8805 [Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE]
+	- linux <unfixed>
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1229/
-	NOTE: https://patchwork.kernel.org/project/bluetooth/patch/20240912204458.3037144-1-luiz.dentz@gmail.com/
-	NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=41f943630d9a03c40e95057b2ac3d96470b9c71e
+	NOTE: https://git.kernel.org/linus/b25e11f978b63cb7857890edb3a698599cddb10e (6.12-rc3)
 CVE-2024-9169 (The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8996 (Unquoted Search Path or Element vulnerability in Grafana Agent (Flow m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35e6ce14bb2ffb78a34c9dc887a141abce0208b1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35e6ce14bb2ffb78a34c9dc887a141abce0208b1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241020/69a83648/attachment.htm>

More information about the debian-security-tracker-commits mailing list