Explore top 10 tips to secure your open-source projects now. Read More
×
BlueZ could be made to expose sensitive information over bluetooth.
Software Description:
- bluez: Bluetooth tools and daemons
Details:
It was discovered that an information disclosure vulnerability existed
in the Service Discovery Protocol (SDP) implementation in BlueZ. A
physically proximate unauthenticated attacker could use this to
disclose sensitive information. (CVE-2017-1000250)
The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: bluez 5.43-0ubuntu1.1 libbluetooth3 5.43-0ubuntu1.1 Ubuntu 16.04 LTS: bluez 5.37-0ubuntu5.1 libbluetooth3 5.37-0ubuntu5.1 Ubuntu 14.04 LTS: bluez 4.101-0ubuntu13.3 libbluetooth3 4.101-0ubuntu13.3 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3413-1
CVE-2017-1000250
Get the latest Linux and open source security news straight to your inbox.