CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
9.7%
Linux kernels with Bluetooth support do not adequately validate the “protocol” value, allowing a local user to execute arbitrary code with elevated privileges.
Disable Bluetooth Support
As a workaround, administrators may remove the bluetooth kernel module(s) from their system.
Install Kernel Modules
685461
Filter by status: All Affected Not Affected Unknown
Filter by content: __Additional information available
__Sort by: Status Alphabetical
Expand all
Javascript is disabled. Clickhere to view vendors.
Updated: April 05, 2005
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
This issue is addressed in Linux kernels 2.4.30-rc2 and 2.6.11.6.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: December 22, 2005
Affected
`This issue could affect Red Hat Enterprise Linux 2.1, 3, and 4 users where the
bluetooth modules are loaded. Updated kernel packages are available at the URL
below and by using the Red Hat Network ‘up2date’ tool.
http://rhn.redhat.com/errata/CAN-2005-0750.html`
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
SUSE/Novell has released fixed packages to fix this problem, documented in this security advisory:
http://www.novell.com/linux/security/advisories/2005_21_kernel.html
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View all 19 vendors __View less vendors __
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Suresec Ltd for reporting this vulnerability.
This document was written by Ken MacInnis.
CVE IDs: | CVE-2005-0750 |
---|---|
Severity Metric: | 8.78 Date Public: |