BSA-2017-431
21545
27 October 2017
29 September 2017
Closed
Medium
7.5
N/A
CVE-2017-1000251
Summary
Security Advisory ID : BSA-2017-431
Component : Kernel
Revision : 3.0: Interim
A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. On systems without the stack protection feature (ppc64[le]; the Bluetooth modules are not built on s390x), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to remotely execute arbitrary code on the system with ring 0 (kernel) privileges.
Affected Products
Brocade is investigating its product lines to determine which products may be affected by this vulnerability and the impact on each affected product.
Products Confirmed Not Vulnerable
Brocade Fabric OS, Brocade NetIron OS, Bocade Network OS, Brocade ServerIron ADX, Brocade SLX-OS, and Brocade Workflow Composer are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | September 29, 2017 |
2.0 | Updated to address NI, NOS, & WC | October 13, 2017 |
3.0 | Updated to address ADX | October 27, 2017 |