BlueBorne

Differences between revisions 11 and 12
Revision 11 as of 2017-09-20 12:49:16
Size: 3772
Editor: sbeattie
Comment: Add info about kernel updates.
Revision 12 as of 2017-09-20 12:50:53
Size: 3774
Editor: sbeattie
Comment: Fix whitespace issue
Line 12: Line 12:
The kernel issue, CVE-2017-1000251, was fixed in the upstream [[https://git.kernel.org/linus/e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3 | Linux kernel]]. Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04, and Ubuntu 12.04 ESM were affected. As of 2017-09-18, updates are available for all releases, and were announced in [[http://www.ubuntu.com/usn/usn-3419-1 | USN 3419-1 (Ubuntu 17.04)]], [[http://www.ubuntu.com/usn/usn-3420-1 | USN 3420-1 (Ubuntu 16.04 LTS)]],[[http://www.ubuntu.com/usn/usn-3422-1 | USN 3422-1 (Ubuntu 14.04 LTS)]], and [[http://www.ubuntu.com/usn/usn-3423-1 | USN 3423-1 (Ubuntu 12.04 ESM)]], along with the corresponding Hardware Enablement (HWE) kernels. The kernel issue, CVE-2017-1000251, was fixed in the upstream [[https://git.kernel.org/linus/e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3 | Linux kernel]]. Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04, and Ubuntu 12.04 ESM were affected. As of 2017-09-18, updates are available for all releases, and were announced in [[http://www.ubuntu.com/usn/usn-3419-1 | USN 3419-1 (Ubuntu 17.04)]], [[http://www.ubuntu.com/usn/usn-3420-1 | USN 3420-1 (Ubuntu 16.04 LTS)]], [[http://www.ubuntu.com/usn/usn-3422-1 | USN 3422-1 (Ubuntu 14.04 LTS)]], and [[http://www.ubuntu.com/usn/usn-3423-1 | USN 3423-1 (Ubuntu 12.04 ESM)]], along with the corresponding Hardware Enablement (HWE) kernels.
Line 19: Line 19:
 * 2017 Sept 18: Ubuntu kernel updates are made available in [[http://www.ubuntu.com/usn/usn-3419-1 | USN 3419-1 (Ubuntu 17.04)]], [[http://www.ubuntu.com/usn/usn-3420-1 | USN 3420-1 (Ubuntu 16.04 LTS)]],[[http://www.ubuntu.com/usn/usn-3422-1 | USN 3422-1 (Ubuntu 14.04 LTS)]], and [[http://www.ubuntu.com/usn/usn-3423-1 | USN 3423-1 (Ubuntu 12.04 ESM)]].  * 2017 Sept 18: Ubuntu kernel updates are made available in [[http://www.ubuntu.com/usn/usn-3419-1 | USN 3419-1 (Ubuntu 17.04)]], [[http://www.ubuntu.com/usn/usn-3420-1 | USN 3420-1 (Ubuntu 16.04 LTS)]], [[http://www.ubuntu.com/usn/usn-3422-1 | USN 3422-1 (Ubuntu 14.04 LTS)]], and [[http://www.ubuntu.com/usn/usn-3423-1 | USN 3423-1 (Ubuntu 12.04 ESM)]].

Bluetooth/BlueZ information disclosure in BlueZ and remote code execution in the Bluetooth L2CAP stack in the Linux kernel (CVE-2017-1000250, CVE-2017-1000251 aka BlueBorne)

Two issues were discovered in the BlueZ stack. The first issue, CVE-2017-1000250, is an information disclosure vulnerability in the Service Discovery Protocol implementation in the BlueZ bluetoothd userspace daemon. A physically proximate unauthenticated attacker could use this to expose memory from the bluetoothd daemon.

The second issue, CVE-2017-1000251, is a stack-based buffer overflow in the l2cap_config_rsp() function in the Bluetooth L2CAP stack of the Linux kernel. This would normally result in remote code execution; however, Ubuntu kernels are built with the CONFIG_CC_STACKPROTECTOR configuration option enabled as a mitigation, turning a stack-based buffer overflow into a denial of service. A physically proximate unauthenticated attacker could use this to cause a denial of service (system crash).

The BlueZ upstream has a fix for CVE-2017-1000250 in their git tree. Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.04 were affected. To address the issue, ensure that bluez 4.101-0ubuntu13.3 (Ubuntu 14.04 LTS), bluez 5.37-0ubuntu5.1 (Ubuntu 16.04 LTS), or bluez 5.43-0ubuntu1.1 (Ubuntu 17.04) is installed. These updates were announced in USN 3413-1.

The kernel issue, CVE-2017-1000251, was fixed in the upstream Linux kernel. Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04, and Ubuntu 12.04 ESM were affected. As of 2017-09-18, updates are available for all releases, and were announced in USN 3419-1 (Ubuntu 17.04), USN 3420-1 (Ubuntu 16.04 LTS), USN 3422-1 (Ubuntu 14.04 LTS), and USN 3423-1 (Ubuntu 12.04 ESM), along with the corresponding Hardware Enablement (HWE) kernels.

Timeline

SecurityTeam/KnowledgeBase/BlueBorne (last edited 2017-09-20 12:50:53 by sbeattie)