Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.

Submission Preview

No link to story available

BleedingTooth: critical kernel Bluetooth vulnerability

Accepted submission by Anonymous Coward at 2020-10-14 20:11:08
Security

An Anonymous Coward writes:

BlueZ Advisory: Severity rating, HIGH - All Linux kernel versions before 5.9 that support BlueZ

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html [intel.com]
https://web.archive.org/web/20201014200119/https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html [archive.org]
https://lwn.net/Articles/834297/#Comments [lwn.net]

The latest security information on IntelĀ® products.
BlueZ Advisory
Intel ID: INTEL-SA-00435
Advisory Category: Software
Impact of vulnerability: Escalation of Privilege, Information Disclosure
Severity rating: HIGH
Original release: 10/13/2020
Last revised: 10/13/2020
Show more Show less View all
Summary:

Potential security vulnerabilities in BlueZ may allow escalation of privilege or information disclosure. BlueZ is releasing Linux kernel fixes to address these potential vulnerabilities.
Vulnerability Details:

CVEID: CVE-2020-12351

Description: Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score: 8.3 High

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2020-12352

Description: Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVEID: CVE-2020-24490

Description: Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score: 5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

All Linux kernel versions before 5.9 that support BlueZ.
Recommendations:

Intel recommends updating the Linux kernel to version 5.9 or later.

If a kernel upgrade is not possible, Intel recommends instead installing the following kernel fixes to address these issues:

https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-1-luiz.dentz@gmail.com/ [kernel.org]

https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-2-luiz.dentz@gmail.com/ [kernel.org]

https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-3-luiz.dentz@gmail.com/ [kernel.org]

https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-4-luiz.dentz@gmail.com/ [kernel.org]

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=a2ec905d1e160a33b2e210e45ad30445ef26ce0e [kernel.org]

Acknowledgements:

Intel would like to thank Andy Nguyen, security engineer from Google for reporting these issues.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.
Revision History
Revision Date Description
1.0 10/13/2020 Initial Release

-----------------
http://www.bluez.org/ [bluez.org]
https://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq [github.com]
https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq [github.com]
https://github.com/google/security-research/security/advisories/GHSA-ccx2-w2r4-x649 [github.com]

Original Submission