Red Hat Bugzilla – Bug 152179
CAN-2005-0750 bluetooth security flaw
Last modified: 2007-11-30 17:06:54 EST
(Affects RHEL2.1, but 2.4 needs a slightly altered patch)
+++ This bug was initially created as a clone of Bug #152177 +++
A flaw was discovered by Ilja van Sprundel in the bluetooth driver affecting 2.4
and 2.6. On system where bluetooth modules are loaded, a local user could use
this flaw to gain root privileges.
looks like this driver is not in 2.1 x86.
It turns out that this driver *is* in 2.1 x86, and I committed a fix to the
RHEL2.1 patch pool for kernel version 2.4.9-e.62
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.