Описание
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic.
Отчет
The research paper describes that Bluetooth Low Energy connections managed through bluetoothctl control or via D-Bus API are not vulnerable to this attack as they strictly follow the proactive authentication specification. Connections that are managed by gatttool are among those that may be vulnerable.
Меры по смягчению последствий
Bluetooth Low Energy can be disabled altogether if it is not required, using the configuration below. This will prevent BLE devices from connecting with the host, disabling this attack
ControllerMode=bredr
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | bluez | Will not fix | ||
| Red Hat Enterprise Linux 8 | bluez | Will not fix | ||
| Red Hat Enterprise Linux 9 | bluez | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
6.6 Medium
CVSS3
Связанные уязвимости
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic.
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic.
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic.
EPSS
6.6 Medium
CVSS3