vulnerability

Alpine Linux: CVE-2017-1000250: Exposure of Sensitive Information to an Unauthorized Actor

Try Surface Command

Back to search

Severity

CVSS

(AV:A/AC:L/Au:N/C:P/I:N/A:N)

Published

Sep 12, 2017

Added

Sep 21, 2017

Modified

Mar 25, 2026

Description

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.

Solution

alpine-linux-upgrade-bluez

References

CVE-2017-100025
https://attackerkb.com/topics/CVE-2017-100025
https://security.alpinelinux.org/vuln/CVE-2017-1000250
https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-1511
CWE-200
EUVD-EUVD-2017-1511

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report