Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2018-10910

Published: 24 July 2018

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.

Notes

AuthorNote
mdeslaur
actual bug in bluez, but there is a work-around in gnome-bluetooth
https://gitlab.gnome.org/GNOME/gnome-bluetooth/commit/6b5086d42ea64d46277f3c93b43984f331d12f89
gnome-bluetooth <=3.26 used synchronous d-bus calls, so the
issue doesn't present itself
the bluez patches add new functionnality that newer versions of
gnome-bluetooth can use to fix this issue. Since the
workaround was applied to gnome-bluetooth, we aren't going to
add these commits to bluez. Marking as ignored.

Priority

Low

Cvss 3 Severity Score

3.3

Score breakdown

Status

Package Release Status
bluez
Launchpad, Ubuntu, Debian
bionic Ignored

cosmic Ignored
(end of life)
disco Ignored
(end of life)
eoan Ignored

trusty Does not exist
(trusty was needed)
upstream
Released (5.51)
xenial Ignored

Patches:
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=2796d545e82659541333050557d5dbb89a295ae7
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=ee863d9d5dd45b183ba6b0b45455498cd88b8663
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=6324acf2012ec444f67c73a42d3991064a69eec6
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=45969a7a7335eaa47c52b76b9e32c28d680dc031
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=bbf1cd0102a4de658ca596dddb48713124f1fd41
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=d04eb02f9bad8795297210ef80e262be16ea8f07
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=170ff3b81fdd9902c0b41bfd37ea0090cdb22830
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=9a57d90628224fa6525e4eebf1e97f713918bb3b
upstream: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=4f162b557a963cc21f7f1933e9abf3876f283b38
gnome-bluetooth
Launchpad, Ubuntu, Debian
bionic
Released (3.28.0-2ubuntu0.1)
cosmic Not vulnerable
(3.28.2-2)
disco Not vulnerable
(3.28.2-3)
eoan Not vulnerable
(3.28.2-3)
trusty Does not exist
(trusty was not-affected [3.8.2.1-0ubuntu4.2])
upstream
Released (3.28.1)
xenial Not vulnerable
(3.18.2-1ubuntu2)

Severity score breakdown

Parameter Value
Base score 3.3
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality Low
Integrity impact None
Availability impact None
Vector CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N