CVE-2019-9506

Priority
Description
The Bluetooth BR/EDR specification up to and including version 5.1 permits
sufficiently low encryption key length and does not prevent an attacker
from influencing the key length negotiation. This allows practical
brute-force attacks (aka "KNOB") that can decrypt traffic and inject
arbitrary ciphertext without the victim noticing.
Ubuntu-Description
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered
that the Bluetooth protocol BR/EDR specification did not properly require
sufficiently strong encryption key lengths. A physically proximate attacker
could use this to expose sensitive information.
Notes
sbeattie: CERT VU#918987
mdeslaur: Mitigation for this issue was added to the kernel
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-159.187)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-60.67)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-31.33)
Ubuntu 19.10 (Eoan):not-affected (5.2.0-8.9)
Patches:
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
d5bb334a8e171b262e48f378bd2096c0ea458265
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
693cd8ce3f882524a5d06f7800dd8492411877b3
Introduced by
693cd8ce3f882524a5d06f7800dd8492411877b3
Fixed by
eca94432934fe5f141d084f2e36ee2c0e614cc04
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1090.101)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1047.49)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1018.20)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1047.49~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (CONFIG_BT not set)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (CONFIG_BT not set)
Ubuntu 19.04 (Disco Dingo):not-affected (CONFIG_BT not set)
Ubuntu 19.10 (Eoan):not-affected (CONFIG_BT not set)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (CONFIG_BT not set)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (CONFIG_BT not set)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1041.43)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1042.45)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1020.20)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1042.45)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1041.43)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1020.20~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-60.67~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-31.33~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-60.67~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.3.0-12.13~18.04.2)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (CONFIG_BT not set)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (CONFIG_BT not set)
Ubuntu 19.04 (Disco Dingo):not-affected (CONFIG_BT not set)
Ubuntu 19.10 (Eoan):not-affected (CONFIG_BT not set)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needs-triage ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needs-triage ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1056.65)
Ubuntu 19.04 (Disco Dingo):pending (4.15.0-1056.65)
Ubuntu 19.10 (Eoan):pending (4.15.0-1056.65)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1022.25~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1022.25)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1004.8)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1002.2)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1118.127)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1044.47)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1019.19)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1005.6)
Package
Upstream:released (5.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1122.128)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1062.69)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1023.24)
Ubuntu 19.10 (Eoan):DNE

Updated: 2019-10-18 02:48:38 UTC (commit cccfc4426d8c1fbf582a89d981fe7fc812124543)