openSUSE Security Update : bluez-audio (bluez-audio-100)
High Nessus Plugin ID 39922
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMissing length checks in bluez-libs could cause a buffer overflow in Bluetooth applications. Malicious bluetooth devices could potentially exploit that to execute arbitrary code (CVE-2008-2374).
Note: The source code of each application that uses vulnerable functions of bluez-libs needs to be adapted to actually fix the problem.
SolutionUpdate the affected bluez-audio packages.