UBUNTU-CVE-2017-1000250

Source
https://ubuntu.com/security/CVE-2017-1000250
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-1000250.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-1000250
Related
Published
2017-09-12T13:00:00Z
Modified
2017-09-12T13:00:00Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

References

Affected packages

Ubuntu:14.04:LTS / bluez

Package

Name
bluez
Purl
pkg:deb/ubuntu/bluez?arch=src?distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.101-0ubuntu13.3

Affected versions

4.*

4.101-0ubuntu8b1
4.101-0ubuntu9
4.101-0ubuntu10
4.101-0ubuntu11
4.101-0ubuntu12
4.101-0ubuntu13
4.101-0ubuntu13.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "high",
    "binaries": [
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluetooth"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-alsa"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-alsa-dbgsym"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-audio"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-compat"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-compat-dbgsym"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-cups"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-cups-dbgsym"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-dbg"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-dbgsym"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-gstreamer"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-gstreamer-dbgsym"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-pcmcia-support"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "bluez-utils"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "libbluetooth-dev"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "libbluetooth3"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "libbluetooth3-dbg"
        },
        {
            "binary_version": "4.101-0ubuntu13.3",
            "binary_name": "libbluetooth3-dbgsym"
        }
    ]
}

Ubuntu:16.04:LTS / bluez

Package

Name
bluez
Purl
pkg:deb/ubuntu/bluez?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.37-0ubuntu5.1

Affected versions

5.*

5.35-0ubuntu2
5.36-0ubuntu1
5.37-0ubuntu5

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "high",
    "binaries": [
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluetooth"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-cups"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-cups-dbgsym"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-dbg"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-dbgsym"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-hcidump"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-hcidump-dbgsym"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-obexd"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-obexd-dbgsym"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-tests"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "bluez-tests-dbgsym"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "libbluetooth-dev"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "libbluetooth-dev-dbgsym"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "libbluetooth3"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "libbluetooth3-dbg"
        },
        {
            "binary_version": "5.37-0ubuntu5.1",
            "binary_name": "libbluetooth3-dbgsym"
        }
    ]
}