CLD-17 Details
Other IDs this deficiency may be known by:
Basic Information:
Affected Package(s) | linux |
Deficiency Type | SECURITY |
Date Created | 2017-09-12 17:10:59 |
Date Last Modified | 2017-09-13 23:19:00 |
Version Specific Information:
Cucumber 1.0 i686 | fixed in linux-4.9.50-i686-1 |
Cucumber 1.0 x86_64 | fixed in linux-4.9.50-x86_64-1 |
Cucumber 1.1 i686 | fixed in linux-4.9.50-i686-1 |
Cucumber 1.1 x86_64 | fixed in linux-4.9.50-x86_64-1 |
Details:
This vulnerability has been dubbed "BlueBorne".
The native Bluetooth stack in the Linux kernel (BlueZ), from kernel version
3.3-rc1 up to and including 4.13.1, is vulnerable to a stack overflow in the
processing of L2CAP configuration responses, resulting in remote code execution
in kernel space
(https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000251).
This vulnerability does not require you to be connected to any network, and it
does not even require you to pair your device with another Bluetooth device. All
it requires is for an attacker to be physically in range of your
Bluetooth-capable device; the attacker can then use this vulnerability to
execute arbitrary code in kernel space
(https://www.youtube.com/watch?v=LLNtZKpL0P8).
Original Analysis (by Armis):
https://www.armis.com/blueborne/
Red Hat's Analysis:
https://access.redhat.com/blogs/product-security/posts/blueborne
Red Hat claims that the impact of this vulnerability is mitigated if your kernel
is built with Stack Protection, which the Cucumber Linux kernels all are.
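
A host check built from the version data and the stack-protection note above, as an added example (not part of the original entry or of Cucumber Linux tooling). The function names are hypothetical. CONFIG_BT and CONFIG_CC_STACKPROTECTOR are the kernel config symbols for kernels of this era. "in-range" means the release falls in the affected range and the vendor must be consulted, since this page lists a fix only for the 4.9 series.

```shell
#!/bin/sh
# Added example: classify a kernel release against CLD-17 / CVE-2017-1000251.
FIXED="4.9.50"      # fixed package version listed for Cucumber 1.0 and 1.1
FIRST_BAD="3.3"     # page: affected from 3.3-rc1 ...
LAST_BAD="4.13.1"   # ... up to and including 4.13.1

# ver_le A B: succeed when dotted version A <= B (numeric comparison per field).
ver_le() {
    [ "$1" = "$2" ] && return 0
    first=$(printf '%s\n%s\n' "$1" "$2" | LC_ALL=C sort -t. -k1,1n -k2,2n -k3,3n | head -n1)
    [ "$first" = "$1" ]
}

# kernel_status RELEASE: print fixed | unpatched | in-range | out-of-range.
kernel_status() {
    # Drop suffixes such as "-rc1" or "-custom" so only the numeric part is compared.
    v=$(printf '%s\n' "$1" | sed 's/[^0-9.].*//')
    case "$v" in
        4.9|4.9.*)
            if ver_le "$FIXED" "$v"; then echo fixed; else echo unpatched; fi
            return ;;
    esac
    if ver_le "$FIRST_BAD" "$v" && ver_le "$v" "$LAST_BAD"; then
        echo in-range       # other series: check the vendor's own fix version
    else
        echo out-of-range
    fi
}

# config_flags FILE: report Bluetooth support and stack protection from a kernel .config.
config_flags() {
    bt=no; ssp=no
    grep -Eq '^CONFIG_BT=[ym]$' "$1" && bt=yes
    grep -Eq '^CONFIG_CC_STACKPROTECTOR(_REGULAR|_STRONG)?=y$' "$1" && ssp=yes
    echo "bluetooth=$bt stack_protector=$ssp"
}

# Usage: sh cld17-check.sh "$(uname -r)" /path/to/kernel/.config
if [ -n "${1:-}" ]; then
    kernel_status "$1"
    if [ -r "${2:-}" ]; then config_flags "$2"; fi
fi
```

A result of "unpatched" with "bluetooth=yes" is the case this entry covers. "stack_protector=yes" corresponds to the mitigation Red Hat describes, not to a fix.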