CVE-2017-1000250
Description
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
36.932
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Bluetooth tools and daemons (USN-3413-1) bluez_5.37-0ubuntu5.1_i386.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) bluez_5.37-0ubuntu5.1_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) bluez_5.43-0ubuntu1.1_i386.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) bluez_5.43-0ubuntu1.1_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) bluez_4.101-0ubuntu13.3_i386.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) bluez_4.101-0ubuntu13.3_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) libbluetooth3_5.37-0ubuntu5.1_i386.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) libbluetooth3_5.37-0ubuntu5.1_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) libbluetooth3_5.43-0ubuntu1.1_i386.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) libbluetooth3_5.43-0ubuntu1.1_amd64.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) libbluetooth3_4.101-0ubuntu13.3_i386.deb | Linux |
| Bluetooth tools and daemons (USN-3413-1) libbluetooth3_4.101-0ubuntu13.3_amd64.deb | Linux |
| Bluez security update (CESA-2017:2685) bluez-4.66-2.el6_9.i686.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-4.66-2.el6_9.x86_64.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-alsa-4.66-2.el6_9.i686.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-alsa-4.66-2.el6_9.x86_64.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-cups-4.66-2.el6_9.i686.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-cups-4.66-2.el6_9.x86_64.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-libs-4.66-2.el6_9.i686.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-libs-4.66-2.el6_9.x86_64.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-compat-4.66-2.el6_9.i686.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-compat-4.66-2.el6_9.x86_64.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-gstreamer-4.66-2.el6_9.i686.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-gstreamer-4.66-2.el6_9.x86_64.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-libs-devel-4.66-2.el6_9.i686.rpm | Linux |
| Bluez security update (CESA-2017:2685) bluez-libs-devel-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-4.66-2.el6_9.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-5.44-4.el7_4.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-alsa-4.66-2.el6_9.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-alsa-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-compat-4.66-2.el6_9.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-compat-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-cups-4.66-2.el6_9.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-cups-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-cups-5.44-4.el7_4.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-gstreamer-4.66-2.el6_9.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-gstreamer-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-hid2hci-5.44-4.el7_4.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-4.66-2.el6_9.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-5.44-4.el7_4.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-5.44-4.el7_4.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-devel-4.66-2.el6_9.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-devel-4.66-2.el6_9.x86_64.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-devel-5.44-4.el7_4.i686.rpm | Linux |
| (RHSA-2017:2685) Moderate: bluez security update bluez-libs-devel-5.44-4.el7_4.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-cups-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-cups-debuginfo-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-debuginfo-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) bluez-debugsource-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) libbluetooth3-5.13-5.4.1.x86_64.rpm | Linux |
| SUSE-SU-2018:1778-1(SUSE Linux Enterprise Desktop 12-SP3 ) libbluetooth3-debuginfo-5.13-5.4.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234