{"id":"CVE-2017-15868","details":"The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.","modified":"2026-03-15T22:15:15.663067Z","published":"2017-12-05T23:29:00.280Z","related":["SUSE-SU-2018:0011-1","SUSE-SU-2018:0031-1","SUSE-SU-2018:0040-1","SUSE-SU-2018:0115-1","SUSE-SU-2018:0180-1","SUSE-SU-2018:0237-1","SUSE-SU-2018:0238-1","SUSE-SU-2018:0239-1","SUSE-SU-2018:0240-1","SUSE-SU-2018:0241-1","SUSE-SU-2018:0242-1","SUSE-SU-2018:0243-1","SUSE-SU-2018:0244-1","SUSE-SU-2018:0245-1","SUSE-SU-2018:0249-1","SUSE-SU-2018:0250-1","SUSE-SU-2018:0251-1","SUSE-SU-2018:0252-1","SUSE-SU-2018:0253-1","SUSE-SU-2018:0265-1","SUSE-SU-2018:0266-1","SUSE-SU-2018:0267-1","SUSE-SU-2018:0268-1","SUSE-SU-2018:0270-1","SUSE-SU-2018:0271-1","SUSE-SU-2018:0274-1","SUSE-SU-2018:0275-1","SUSE-SU-2018:0276-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html"},{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/pixel/2017-12-01"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4082"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/102084"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3583-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3583-2/"},{"type":"REPORT","url":"https://github.com/torvalds/linux/commit/71bb99a02b32b4cc4265118e85f6035ca72923f0"},{"type":"FIX","url":"https://patchwork.kernel.org/patch/9882449/"},{"type":"FIX","url":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71bb99a02b32b4cc4265118e85f6035ca72923f0"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"3.2"},{"fixed":"3.2.97"}]},{"events":[{"introduced":"3.3"},{"fixed":"3.10.108"}]},{"events":[{"introduced":"3.11"},{"fixed":"3.16.52"}]},{"events":[{"introduced":"3.17"},{"fixed":"3.18.64"}]},{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15868.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}