Lucene search

[email protected]NVD:CVE-2017-1000251

HistorySep 12, 2017 - 5:29 p.m.

CVE-2017-1000251

2017-09-1217:29:00

CWE-787

[email protected]

web.nvd.nist.gov

CVSS2

7.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:S/C:C/I:C/A:C

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.009

Percentile

83.0%

JSON

The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.

Affected configurations

Nvd

Node

linuxlinux_kernelRange2.6.32–3.2.94

linuxlinux_kernelRange3.3–3.16.49

linuxlinux_kernelRange3.17–3.18.71

linuxlinux_kernelRange3.19–4.1.45

linuxlinux_kernelRange4.2–4.4.88

linuxlinux_kernelRange4.5–4.9.50

linuxlinux_kernelRange4.10–4.12.13

linuxlinux_kernelRange4.13–4.13.2

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

Node

nvidiajetson_tk1Matchr21

nvidiajetson_tk1Matchr24

nvidiajetson_tx1Matchr21

nvidiajetson_tx1Matchr24

AND

linuxlinux_kernelMatch-

Node

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch6.2

redhatenterprise_linux_server_ausMatch6.4

redhatenterprise_linux_server_ausMatch6.6

redhatenterprise_linux_server_ausMatch7.2

redhatenterprise_linux_server_ausMatch7.3

redhatenterprise_linux_server_ausMatch7.4

redhatenterprise_linux_server_ausMatch7.6

redhatenterprise_linux_server_ausMatch7.7

redhatenterprise_linux_server_eusMatch6.7

redhatenterprise_linux_server_eusMatch7.2

redhatenterprise_linux_server_eusMatch7.3

redhatenterprise_linux_server_eusMatch7.4

redhatenterprise_linux_server_eusMatch7.5

redhatenterprise_linux_server_eusMatch7.6

redhatenterprise_linux_server_eusMatch7.7

redhatenterprise_linux_server_tusMatch6.5

redhatenterprise_linux_server_tusMatch6.6

redhatenterprise_linux_server_tusMatch7.2

redhatenterprise_linux_server_tusMatch7.3

redhatenterprise_linux_server_tusMatch7.4

redhatenterprise_linux_server_tusMatch7.6

redhatenterprise_linux_server_tusMatch7.7

redhatenterprise_linux_workstationMatch6.0

redhatenterprise_linux_workstationMatch7.0

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
nvidiajetson_tk1r21cpe:2.3:a:nvidia:jetson_tk1:r21:*:*:*:*:*:*:*
nvidiajetson_tk1r24cpe:2.3:a:nvidia:jetson_tk1:r24:*:*:*:*:*:*:*
nvidiajetson_tx1r21cpe:2.3:a:nvidia:jetson_tx1:r21:*:*:*:*:*:*:*
nvidiajetson_tx1r24cpe:2.3:a:nvidia:jetson_tx1:r24:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
redhatenterprise_linux_desktop6.0cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
redhatenterprise_linux_desktop7.0cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
debian	debian_linux	8.0	cpe:2.3:o:debian:debian_linux:8.0:::::::*
debian	debian_linux	9.0	cpe:2.3:o:debian:debian_linux:9.0:::::::*
nvidia	jetson_tk1	r21	cpe:2.3:a:nvidia:jetson_tk1:r21:::::::*
nvidia	jetson_tk1	r24	cpe:2.3:a:nvidia:jetson_tk1:r24:::::::*
nvidia	jetson_tx1	r21	cpe:2.3:a:nvidia:jetson_tx1:r21:::::::*
nvidia	jetson_tx1	r24	cpe:2.3:a:nvidia:jetson_tx1:r24:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
redhat	enterprise_linux_desktop	6.0	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
redhat	enterprise_linux_desktop	7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*