Wind River Support Network

HomeDefectsLIN9-5314

Fixed

LIN9-5314 : Security Advisory - linux - CVE-2017-1000251

Created: Sep 14, 2017 Updated: Dec 3, 2018

Resolved Date: Oct 12, 2017

Found In Version: 9.0.0.10

Fix Version: 9.0.0.11

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Kernel

Description

The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.

https://nvd.nist.gov/vuln/detail/CVE-2017-1000251


The fix: 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3

Other Downloads

Wind River Linux 9.0.0.11
Wind River Linux 9.0.0.12
Wind River Linux 9.0.0.13
Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-1000251