Synology-SA-17:52 BlueBorne

2017-09-13 20:05:44

Severity
Important
Status
Ongoing

Abstract

BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices. The following two CVE IDs will affect Synology DiskStation Manager (DSM).

  • CVE-2017-1000250 allows remote attackers to cause an information disclosure attack via a crafted SDP bluetooth packet on a vulnerable version of Synology DiskStation Manager (DSM).

  • CVE-2017-1000251 allows remote attackers to cause a denial-of-service attack or execute arbitrary codes via a crafted L2CAP configuration response on a vulnerable version of Synology DiskStation Manager (DSM).

Severity

Affected

  • Products
    • DSM 6.1
    • DSM 6.0
    • DSM 5.2
  • Models
    • FS & XS Series
      • 17-Series
        • FS2017, RS4017xs+, RS3617xs+, RS3617xs, RS3617RPxs, RS18017xs+, DS3617xs
      • 16-Series
        • RS18016xs+
      • 15-Series
        • DS3615xs, DS2015xs
      • 14-Series
        • RS3614xs, RS3614RPxs
      • 13-Series
        • RS3413xs+, RS10613xs+
      • 12-Series
        • RS3412xs, RS3412RPxs
      • 11-Series
        • RS3411xs, RS3411RPxs
    • Plus Series
      • 17-Series
        • DS1817+, DS1517+
      • 16-Series
        • RS2416+, DS916+, DS716+II, DS716+, DS216+II, DS216+
      • 15-Series
        • DS2415+, DS1815+, DS1515+, RS815RP+, RS815+, DS415+, DS215+
      • 14-Series
        • RS2414RP+, RS2414+, RS814RP+, RS814+
      • 13-Series
        • RS3413xs+, RS10613xs+, DS1813+, DS1513+, DS713+
      • 12-Series
        • RS2212RP+, RS2212+, DS1812+, DS1512+, RS812RP+, RS812+, DS412+, DS712+, DS212+, DS112+
      • 11-Series
        • DS2411+, RS2211RP+, RS2211+, DS1511+, DS411+II, DS411+, DS211+, RS810RP+, RS810+, DS710+, DS210+, DS110+
    • Value Series
      • 17-Series
        • DS1817, DS1517, RS217
      • 16-Series
        • RS816, DS416slim, DS416play, DS416, DS216play, DS216, DS116
      • 15-Series
        • DS1515, DS415play, DS715
      • 14-Series
        • RS214, DS214play
      • 13-Series
        • DS213air, DS213
      • 12-Series
        • RS812, RS212, DS212, DS112
      • 11-Series
        • RS411, DS411, DS211, DS111, DS410
    • J Series
      • 16-Series
        • DS416j, DS216j
      • 13-Series
        • DS413j
      • 11-Series
        • DS411slim

Description

  • CVE-2017-1000250
    All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
  • CVE-2017-1000251
    The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.

Mitigation

None

Update Availability

Synology will soon release the updates for affected products.

Reference