Linux Kernel Remote Denial of Service in Bluetooth subsystem (Blueborne)
Reported by jeffrey....@gmail.com, Sep 13 2017
Issue description

Chrome Version: ?
Chrome OS Version: ?
Chrome OS Platform: ?
Network info: bluetooth

https://access.redhat.com/security/vulnerabilities/blueborne

Remote CVE. Neither Blueborne nor CVE 2017-1000251 is turning up any results here.

whitepaper: http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf?t=1505222709963

https://access.redhat.com/security/vulnerabilities/blueborne

"The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space."

https://nvd.nist.gov/vuln/detail/CVE-2017-1000251
Sep 13 2017
For this particular chromebook:

Google Chrome 62.0.3202.8 (Official Build) dev (64-bit)
Revision 0
Platform 9901.5.0 (Official Build) dev-channel terra
Firmware Version Google_Terra.7287.154.80
Customisation ID ASUS-TERRA2
Channel : Dev
kernel : Linux localhost 3.18.0-16002-g2644da09535f #1 SMP PREEMPT Mon Sep 4 22:02:20 PDT 2017 x86_64 Intel(R) Celeron(R) CPU N3060 @ 1.60GHz GenuineIntel GNU/Linux

(this is apparently affected, since it's after 3.3 but before e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3)
Sep 14 2017
Thanks for filing a bug! We're already tracking this as issue 764425 (sorry, restricted for now), and you might have noticed that patches have already landed on our kernel trees.

We're still figuring out the release schedule, but we're not treating this super urgent right now given that we have CONFIG_CC_STACKPROTECTOR enabled in our kernel configurations.

Closing as WontFix since the fixes have already landed in the source tree.
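
A host-triage check for the two facts this thread turns on: the affected range quoted from Red Hat (3.3-rc1 through 4.13.1) and the CONFIG_CC_STACKPROTECTOR setting the reply cites. This is an added example, not code from the issue or from Chrome OS; the function names, result strings, the CONFIG_BT check and the sample config are assumptions made here, and a vendor kernel inside the range may already carry the backported fix.

```shell
#!/bin/sh
# Added example (not from the issue): version range and config triage.

# ver_num RELEASE: numeric key for "3.18.0-16002-g..." or "3.3-rc1" style strings.
ver_num() {
    v=${1%%[!0-9.]*}            # keep only the leading digits-and-dots part
    old_ifs=$IFS; IFS=.
    set -- $v                   # split into major, minor, patch
    IFS=$old_ifs
    echo $(( ${1:-0} * 100000000 + ${2:-0} * 10000 + ${3:-0} ))
}

# blueborne_triage RELEASE CONFIG_FILE: prints one of four result strings
# (the strings are assumptions of this example).
blueborne_triage() {
    n=$(ver_num "$1")
    # Range quoted in the report: 3.3-rc1 up to and including 4.13.1.
    if [ "$n" -lt "$(ver_num 3.3)" ] || [ "$n" -gt "$(ver_num 4.13.1)" ]; then
        echo "outside-range"; return 0
    fi
    # CONFIG_BT (assumption: not named on the page) gates the Bluetooth subsystem.
    if ! grep -Eq '^CONFIG_BT=[ym]' "$2"; then
        echo "in-range:no-bluetooth"; return 0
    fi
    # The mitigation the reply relies on.
    if grep -q '^CONFIG_CC_STACKPROTECTOR=y' "$2"; then
        echo "in-range:stack-protector"
    else
        echo "in-range:no-stack-protector"
    fi
}

# Constructed sample config; the release string is the one posted in the thread.
cfg=$(mktemp)
cat > "$cfg" <<'EOF'
CONFIG_BT=m
CONFIG_CC_STACKPROTECTOR=y
EOF
blueborne_triage "3.18.0-16002-g2644da09535f" "$cfg"
rm -f "$cfg"
```

On a live host, pass `$(uname -r)` and the config from `/boot/config-$(uname -r)` or a decompressed `/proc/config.gz`.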
Comment 1 by jeffrey....@gmail.com, Sep 13 2017