Main
Vulnerability Database
Exploits
ID:4704 - Exploit for Stack-based buffer overflow in Linux kernel and linux_kernel (Debian package) - CVE-2017-1000251
ID:4704 - Exploit for Stack-based buffer overflow in Linux kernel and linux_kernel (Debian package) - CVE-2017-1000251
Published: October 14, 2020
Vulnerability identifier: #VU8329
Vulnerability risk: Low
CVE-ID: CVE-2017-1000251
CWE-ID: CWE-121
Exploitation vector: Adjecent network
Vulnerable software:
Linux kernel
linux_kernel (Debian package)
Linux kernel
linux_kernel (Debian package)
Link to public exploit:
Vulnerability description
The vulnerability allows an adjacent attacker to execute arbitrary code on the host system.
The weakness exists due to a stack-based buffer overflow in the processing of L2CAP configuration. An adjacent attacker can submit a specially crafted Bluetooth protocol, trigger memory corruption in the Bluetooth stack and execute arbitrary code in kernel space.
Successful exploitation of the vulnerability may result in host system compromise.
The weakness exists due to a stack-based buffer overflow in the processing of L2CAP configuration. An adjacent attacker can submit a specially crafted Bluetooth protocol, trigger memory corruption in the Bluetooth stack and execute arbitrary code in kernel space.
Successful exploitation of the vulnerability may result in host system compromise.
Remediation
Install update from vendor's website.