First published: Tue Dec 05 2017(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=3.2<3.2.97 | |
Linux Linux kernel | >=3.3<3.10.108 | |
Linux Linux kernel | >=3.11<3.16.52 | |
Linux Linux kernel | >=3.17<3.18.64 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Debian Debian Linux | =8.0 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2017-15868.
The title of the vulnerability is 'The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.'
The vulnerability allows local users to gain privileges via a crafted application by exploiting the bnep_add_connection function in the Linux kernel before version 3.19.
The affected software versions are Linux kernel versions before 3.19.
Yes, you can find references for this vulnerability at the following links: [Reference 1](http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71bb99a02b32b4cc4265118e85f6035ca72923f0), [Reference 2](https://github.com/torvalds/linux/commit/71bb99a02b32b4cc4265118e85f6035ca72923f0), [Reference 3](https://patchwork.kernel.org/patch/9882449/)