bluez-hcidump Denial of Service http://www.secuobs.com/news/05022006-bluetooth10.shtml "ubuntu: Pierre Betouin discovered a Denial of Service vulnerability in the handling of the L2CAP (Logical Link Control and Adaptation Layer Protocol) layer. By sending a specially crafted L2CAP packet through a wireless Bluetooth connection, a remote attacker could crash hcidump. Since hcidump is mainly a debugging tool, the impact of this flaw is very low." The patch is here: http://cvs.sourceforge.net/viewcvs.py/bluez/hcidump/parser/l2cap.c?r1=1.51&r2=1.52&diff_format=u
moving to security response bug. should we decide to fix this in a later update for rhel4 we'll create appropriate tracking bugs with flags at that time.
This issue is corrected in bluez-hcidump 1.32 as provided by Red Hat Enterprise Linux 5, and does not affect Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw in Red Hat Enterprise Linux 4. The above link no longer works; this updated link does: http://bluez.cvs.sourceforge.net/viewvc/bluez/hcidump/parser/l2cap.c?r1=1.51&r2=1.52&view=patch
Statement: Red Hat no longer plans to fix this issue in Red Hat Enterprise Linux 4. This issue is corrected in bluez-hcidump 1.32 as provided by Red Hat Enterprise Linux 5.