Security
Security
A privilege escalation vulnerability has been discovered in Blueman.
| Package | net-wireless/blueman on all architectures |
|---|---|
| Affected versions | < 2.1.4 |
| Unaffected versions | >= 2.1.4 |
Blueman is a simple and intuitive GTK+ Bluetooth Manager.
Where Polkit is not used and the default permissions have been changed on a specific rule file, control of a local DHCP daemon may be possible.
A local attacker may be able to achieve root privilege escalation.
There is no known workaround at this time.
All Blueman users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/blueman-2.1.4"
Release date
November 11, 2020
Latest revision
November 11, 2020: 2
Severity
high
Exploitable
local
Bugzilla entries