USN-4605-2: Blueman update
Vaisha Bernard discovered that blueman did not properly sanitize input on
the d-bus interface to blueman-mechanism. A local attacker could possibly
use this issue to escalate privileges and run arbitrary code or cause a
denial of service. (CVE-2020-15238)
While a previous security update fixed the issue, this update provides
additional improvements by enabling PolicyKit authentication for
privileged commands.
Source: USN-4605-2: Blueman update
Leave a Reply