A privilege escalation vulnerability has been discovered in Blueman.
|Package||net-wireless/blueman on all architectures|
|Affected versions||< 2.1.4|
|Unaffected versions||>= 2.1.4|
Blueman is a simple and intuitive GTK+ Bluetooth Manager.
Where Polkit is not used and the default permissions have been changed on a specific rule file, control of a local DHCP daemon may be possible.
A local attacker may be able to achieve root privilege escalation.
There is no known workaround at this time.
All Blueman users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/blueman-2.1.4"
November 11, 2020
November 11, 2020: 2