Google has released details of a high-impact security flaw that affects the Bluetooth stack in the Linux kernel versions below 5.9 that support BlueZ. The flaw, tracked as CVE-2020-12351, is “Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access,” per Intel’s notes in their advisory. According to Francis Perry of Google, an attacker within Bluetooth range who also knows the target’s Bluetooth device address (bd address) can execute arbitrary code with kernel privileges. The attacker within range and with the victim’s bd address, can send a malicious I2cap packet and cause a denial of service or possibly arbitrary code with kernel privileges. Google has published a proof-of-concept exploit code for the BleedingTooth vulnerability on YouTube.
Analyst Notes
Intel has recommended that Linux kernel users who are using version 5.8 or earlier should update to version 5.9 as soon as possible. The flaw was fixed in the latest version which was released within the last week. Also seeing as though this flaw uses Bluetooth as the entryway to a victim’s system, if Bluetooth is not actively being used, it should be shut off so that it cannot be maliciously accessed.
Source Article: https://www.zdnet.com/article/google-warns-of-severe-bleedingtooth-bluetooth-flaw-in-linux-kernel/
