MGASA-2017-0350
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 21 Sept 2017, 13:43
Last modified:16 Apr 2026, 06:25
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
21 Sept 2017, 13:43
Published
Vulnerability first disclosed
16 Apr 2026, 06:25
Last Modified
Vulnerability information updated
Description
Updated bluez packages fix security vulnerability An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol (SDP). A specially crafted Bluetooth device could, without prior pairing or user interaction, retrieve portions of the bluetoothd process memory, including potentially sensitive information such as Bluetooth encryption keys (CVE-2017-1000250).
Affected Systems
- mageia•bluez
< 5.28-1.1.mga5
- mageia•bluez
< 5.45-2.1.mga6