CVE-2017-1000250 Ubuntu Security Notification for Bluez Vulnerability (USN-3413-1) (BlueBorne)

It was discovered that an information disclosure vulnerability existed in the Service Discovery Protocol (SDP) implementation in BlueZ.

A physically proximate unauthenticated attacker could use this to disclose sensitive information. (CVE-2017-1000250)

Refer to Ubuntu advisory USN-3413-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3413-1: 16.04 (Xenial) on src (bluez)

USN-3413-1: 14.04 (Kylin) on src (libbluetooth3)

USN-3413-1: 17.04 (zesty) on src (bluez)

USN-3413-1: 17.04 (zesty) on src (libbluetooth3)

USN-3413-1: 16.04 (Xenial) on src (libbluetooth3)

USN-3413-1: 14.04 (Kylin) on src (bluez)