CVE-2019-9506

Priority
Description
The Bluetooth BR/EDR specification up to and including version 5.1 permits
sufficiently low encryption key length and does not prevent an attacker
from influencing the key length negotiation. This allows practical
brute-force attacks (aka "KNOB") that can decrypt traffic and inject
arbitrary ciphertext without the victim noticing.
Ubuntu-Description
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered
that the Bluetooth protocol BR/EDR specification did not properly require
sufficiently strong encryption key lengths. A physically proximate attacker
could use this to expose sensitive information.
Notes
sbeattieCERT VU#918987
mdeslaurMitigation for this issue was added to the kernel
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-159.187)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-60.67)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.2.0-8.9)
Ubuntu 20.04 (Focal Fossa):not-affected (5.4.0-9.12)
Patches:
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
d5bb334a8e171b262e48f378bd2096c0ea458265
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
693cd8ce3f882524a5d06f7800dd8492411877b3
Introduced by
693cd8ce3f882524a5d06f7800dd8492411877b3
Fixed by
eca94432934fe5f141d084f2e36ee2c0e614cc04
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1090.101)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1047.49)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.3.0-1003.3)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1021.24~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1047.49~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (CONFIG_BT not set)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (CONFIG_BT not set)
Ubuntu 19.10 (Eoan Ermine):not-affected (CONFIG_BT not set)
Ubuntu 20.04 (Focal Fossa):not-affected (CONFIG_BT not set)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1007.8~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (CONFIG_BT not set)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (CONFIG_BT not set)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1041.43)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1042.45)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.3.0-1003.3)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1008.9~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1042.45)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1041.43)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1020.20~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-60.67~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-31.33~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-60.67~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was pending \[5.3.0-19.20~18.04.2\] now end-of-life)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (CONFIG_BT not set)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (CONFIG_BT not set)
Ubuntu 19.10 (Eoan Ermine):not-affected (CONFIG_BT not set)
Ubuntu 20.04 (Focal Fossa):not-affected (CONFIG_BT not set)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1056.65)
Ubuntu 19.10 (Eoan Ermine):pending (4.15.0-1059.68)
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):not-affected (5.4.0-1002.4)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1024.27)
Ubuntu 19.10 (Eoan Ermine):needed
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1022.25~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1022.25)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.3.0-1002.2)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1007.12~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1118.127)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1044.47)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.3.0-1005.6)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1017.19~18.04.1)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1122.128)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1062.69)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
More Information

Updated: 2020-01-29 19:04:56 UTC (commit 40f18bf14da5fb50662e1f861ea594a462b207fe)