Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-1000250

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

Related bugs and status

CVE-2017-1000250 (Candidate) is related to these bugs:

Bug #1877536: BlueZ 5.54 release

Summary				In	Importance	Status
	1877536	BlueZ 5.54 release		bluez (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://www.armis.com/...
CONFIRM: https://access.redhat....
BID: 100814
CERT-VN: VU#240311
CONFIRM: http://nvidia.custhelp...
DEBIAN: DSA-3972
REDHAT: RHSA-2017:2685
CONFIRM: https://www.synology.c...