CVSS2: 7.2 High (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
EPSS: 0.0004 Low (Percentile: 9.0%)
Linux kernels with Bluetooth support do not adequately validate the “protocol” value, allowing a local user to execute arbitrary code with elevated privileges.
Linux kernels with Bluetooth support may contain a local root vulnerability, even if Bluetooth hardware is not present. A call to socket() may bypass a bounds check on the protocol value. This value is used at a later point as an index to a function pointer, making it possible for an attacker to execute arbitrary code from memory regions controlled by the attacker.
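The bounds-check failure described above, shown as an added example that is neither kernel source nor part of the original advisory: a user-space C model of a protocol-indexed handler table, with the flawed check beside a hardened lookup. It goes beyond the page in showing the bypass as a negative protocol value passing an upper-bound-only test on a signed int, which is how CVE-2005-0750 is publicly described; `MODEL_MAX_PROTO`, `proto_table` and the function names are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed user-space model, not kernel source. The table size and all
 * names below are hypothetical. */
#define MODEL_MAX_PROTO 8

typedef int (*create_fn)(int proto);

static int model_create(int proto) { return proto; }

/* Slots 0 and 1 are registered; the rest stay NULL (no handler loaded). */
static create_fn proto_table[MODEL_MAX_PROTO] = { model_create, model_create };

/* Flawed pattern: a signed index tested against the upper bound only.
 * Returns 1 if the value would go on to index the table. Nothing is
 * dereferenced here; the function only reports the decision. */
int weak_check_accepts(int proto)
{
    if (proto >= MODEL_MAX_PROTO)
        return 0;
    return 1; /* every negative value also lands here */
}

/* Hardened lookup: reject both ends of the range, then reject empty slots
 * before calling through the pointer. */
int checked_create(int proto)
{
    if (proto < 0 || proto >= MODEL_MAX_PROTO)
        return -EINVAL;
    if (proto_table[proto] == NULL)
        return -EPROTONOSUPPORT;
    return proto_table[proto](proto);
}

int main(void)
{
    int samples[] = { -1, 0, 1, 5, 8 }; /* constructed inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("proto=%2d weak_accepts=%d checked=%d\n", samples[i],
               weak_check_accepts(samples[i]), checked_create(samples[i]));
    return 0;
}
```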
The flawed Bluetooth kernel modules are present by default on some Linux distributions and are frequently loadable by unprivileged users.
An unprivileged, local, authenticated user may be able to gain elevated privileges, even on systems without Bluetooth drivers previously loaded or on systems without Bluetooth hardware installed.
Apply An Update
This issue is addressed in Linux kernels 2.4.30-rc2 and 2.6.11.6.
Disable Bluetooth Support
As a workaround, administrators may remove the bluetooth kernel module(s) from their system.
Install Kernel Modules
Suresec Ltd. has also created loadable kernel modules which check protocol and domain values for validity before being used in the flawed Bluetooth code. More information is available in Suresec security advisory 1.
VU#685461
Updated: April 05, 2005
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
This issue is addressed in Linux kernels 2.4.30-rc2 and 2.6.11.6.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23685461 Feedback>).
Notified: April 05, 2005 Updated: December 22, 2005
Affected
This issue could affect Red Hat Enterprise Linux 2.1, 3, and 4 users where the bluetooth modules are loaded. Updated kernel packages are available at the URL below and by using the Red Hat Network ‘up2date’ tool.
<http://rhn.redhat.com/errata/CAN-2005-0750.html>
The vendor has not provided us with any further information regarding this vulnerability.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: April 05, 2005 Updated: April 08, 2005
Unknown
SUSE/Novell has released fixed packages to fix this problem, documented in this security advisory:
<http://www.novell.com/linux/security/advisories/2005_21_kernel.html>
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Thanks to Suresec Ltd for reporting this vulnerability.
This document was written by Ken MacInnis.
CVE IDs: CVE-2005-0750
Severity Metric: 8.78
Date Public: