It was discovered that an information disclosure vulnerability existed in the Service Discovery Protocol (SDP) implementation in BlueZ.
A physically proximate unauthenticated attacker could use this to disclose sensitive information. (CVE-2017-1000250)
Refer to Ubuntu advisory USN-3413-1 for affected packages and patching details, or update with your package manager.
Following are links for downloading patches to fix the vulnerabilities: