CVE-2018-10910
Published: 24 July 2018
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.
Notes
Author | Note |
---|---|
mdeslaur | actual bug in bluez, but there is a work-around in gnome-bluetooth https://gitlab.gnome.org/GNOME/gnome-bluetooth/commit/6b5086d42ea64d46277f3c93b43984f331d12f89 gnome-bluetooth <=3.26 used synchronous d-bus calls, so the issue doesn't present itself the bluez patches add new functionnality that newer versions of gnome-bluetooth can use to fix this issue. Since the workaround was applied to gnome-bluetooth, we aren't going to add these commits to bluez. Marking as ignored. |
Priority
Status
Severity score breakdown
Parameter | Value |
---|---|
Base score | 3.3 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | Low |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |