Public Date:
1489446: CVE-2017-1000250 bluez: Out-of-bounds heap read in service_search_attr_req function
An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol (SDP). A specially crafted Bluetooth device could, without prior pairing or user interaction, retrieve portions of the bluetoothd process memory, including potentially sensitive information such as Bluetooth encryption keys.

Find out more about CVE-2017-1000250 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 6.5
CVSS3 Base Metrics CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector Adjacent Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Impact None
Availability Impact None

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (bluez) RHSA-2017:2685 2017-09-12
Red Hat Enterprise Linux 7 (bluez) RHSA-2017:2685 2017-09-12

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 5 bluez-utils Will not fix


Red Hat would like to thank Armis Labs for reporting this issue.

External References

Last Modified