#VU8442 Out-of-bounds read in Red Hat Enterprise Linux for x86_64 - CVE-2017-1000250
Published: September 15, 2017
Vulnerability identifier: #VU8442
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2017-1000250
CWE-ID: CWE-125
Exploitation vector: Adjecent network
Exploit availability:
Public exploit is available
Vulnerable software:
Red Hat Enterprise Linux for x86_64
Red Hat Enterprise Linux for x86_64
Software vendor:
Red Hat Inc.
Red Hat Inc.
Description
The vulnerability allows an adjacent attacker to obtain potentially sensitive information on the target system.
The weakness exists in the bluetoothd implementation of the Service Discovery Protocol (SDP) due to out-of-bounds heap read condition in the service_search_attr_req function. An adjacent attacker send specially crafted requests that has Bluetooth enabled in the SDP server and access sensitive information, such as encryption keys, from bluetoothd process memory.
Successful exploitation of the vulnerability results in information disclosure.
The weakness exists in the bluetoothd implementation of the Service Discovery Protocol (SDP) due to out-of-bounds heap read condition in the service_search_attr_req function. An adjacent attacker send specially crafted requests that has Bluetooth enabled in the SDP server and access sensitive information, such as encryption keys, from bluetoothd process memory.
Successful exploitation of the vulnerability results in information disclosure.
Remediation
Cybersecurity Help is currently unaware of any official patch addressing the vulnerability.