SUSE-SU-2017:2799-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2017-1000251 CVE-2017-12762

Published: 20 Oct 2017, 12:58

Last modified:02 May 2025, 04:05

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

20 Oct 2017, 12:58

Published

Vulnerability first disclosed

02 May 2025, 04:05

Last Modified

Vulnerability information updated

Description

Security update for Linux Kernel Live Patch 8 for SLE 12 SP2 This update for the Linux Kernel 4.4.59-92_20 fixes several issues. The following security bugs were fixed: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ) was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (bsc#1057950). - CVE-2017-12762: In drivers/isdn/i4l/isdn_net.c a user-controlled buffer was copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow (bsc#1053150).

Affected Systems

suse•kgraft-patch-SLE12-SP2_Update_8&distro=SUSE Linux Enterprise Live Patching 12
< 5-4.1

SUSE-SU-2017:2799-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)