CVE-2018-5383
published 2018-08-07CVE-2018-5383: Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before…
PriorityP184medium6.8CVSS 3.1
AVAACHPRNUINSUCHIHAN
ITWVulnCheck KEVRansomware
Exploited in the wild
EPSS
0.80%
52.0th percentile
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android_open_source_project | android | >= unspecified < 2018-06-05 patch level | 2018-06-05 patch level |
| apple | ios | — | — |
| apple | ios | — | — |
| apple | ios | >= 11 < 11.4 | 11.4 |
| apple | iphone_os | < 11.4 | 11.4 |
| apple | mac_os_x | < 10.13 | 10.13 |
| apple | macos | >= 10.13 High Sierra < 10.13.6 | 10.13.6 |
| apple | macos_high_sierra_10.13.5_security_update_2018-003_sierra_security_update_2018-0 | — | — |
| apple | macos_high_sierra_10.13.6_security_update_2018-004_sierra_security_update_2018-0 | — | — |
| apple | macos_mojave | — | — |
| apple | tvos | — | — |
| apple | tvos | — | — |
| apple | watchos | — | — |
| debian | firmware-nonfree | < firmware-nonfree 20190114-1 (bookworm) | firmware-nonfree 20190114-1 (bookworm) |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| linux | linux_kernel | >= 0 < 4.4.0-159.187 | 4.4.0-159.187 |
| linux | linux_kernel | >= 0 < 4.15.0-58.64 | 4.15.0-58.64 |
| ti | wl18xx_bluetooth_service_pack | < 4.3 | 4.3 |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2018-5383 is exploitable by an attacker within physical proximity (within 30 meters) who can intercept and forge Bluetooth pairing messages during ECDH key exchange — monitor for unexpected or repeated Bluetooth pairing attempts between devices, especially without user interaction ↗
- →The InternalBlue framework (https://github.com/seemoo-lab/internalblue) includes a demo/test for this ECDH pairing vulnerability and can be used to validate whether a Broadcom Bluetooth chipset is susceptible ↗
- →Affected component is Bluetooth input validation during pairing; Apple patched this in macOS High Sierra 10.13.6 / macOS Mojave 10.14 and iOS 11.4 — unpatched Apple devices running macOS before 10.13 or iOS before 11.4 are vulnerable ↗
- →Android devices without the 2018-06-05 security patch are vulnerable; check Android security patch level on managed devices for dates prior to 2018-06-05 ↗
- →Red Hat Enterprise MRG 2 linux-firmware package is listed as Affected; patch or mitigate Bluetooth on those hosts ↗
- ·Windows devices were not affected by CVE-2018-5383 at the time of disclosure because they were still using an older, less-secure version of the Bluetooth pairing protocol that did not implement the vulnerable ECDH exchange ↗
- ·The vulnerability requires the attacker to be within Bluetooth radio range (~30 metres standard, potentially extended with directional antenna); it is not remotely exploitable over the internet ↗
- ·Red Hat Enterprise Linux 8, 9, and Red Hat Virtualization 4 linux-firmware packages are NOT affected; only Red Hat Enterprise MRG 2 linux-firmware is listed as Affected ↗
CVSS provenance
nvdv3.16.8MEDIUMCVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv3.08.0HIGHCVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
nvdv2.04.3MEDIUMAV:A/AC:M/Au:N/C:P/I:P/A:N
osv6.8MEDIUM
vulncheck6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
vendor_ubuntu6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3jm5-8qwr-jvwm: Bluetooth firmware or operating system software drivers in macOS versions before 10
ghsa_unreviewed·2022-05-13
CVE-2018-5383 [MEDIUM] CWE-325 GHSA-3jm5-8qwr-jvwm: Bluetooth firmware or operating system software drivers in macOS versions before 10
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
OSV
linux-aws vulnerabilities
osv·2019-09-02·CVSS 3.3
CVE-2018-13053 [LOW] linux-aws vulnerabilities
linux-aws vulnerabilities
It was discovered that the alarmtimer implementation in the Linux kernel
contained an integer overflow vulnerability. A local attacker could use
this to cause a denial of service. (CVE-2018-13053)
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
Wen Xu discovered that the f2fs file system implementation in the Linux
kernel did not properly validate metadata. An attacker could use this to
construct a malicious f2fs image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13096, CVE-2018-13097, CVE-2018-13098,
CVE-2018-1309
OSV
linux-lts-xenial, linux-aws vulnerabilities
osv·2019-08-13·CVSS 6.8
[MEDIUM] linux-lts-xenial, linux-aws vulnerabilities
linux-lts-xenial, linux-aws vulnerabilities
USN-4095-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 ESM.
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in
the Linux kernel did not properly validate elliptic curve parameters during
Diffie-Hellman key exchange in some situations. An attacker could use this
to expose sensitive information. (CVE-2018-5383)
It was discovered that a heap buffer overflow existed in the Marvell
Wireless LAN device driver for the Linux kernel. An attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-10126)
Andrei Vlad Lutas and
OSV
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
osv·2019-08-13·CVSS 6.8
CVE-2018-5383 [MEDIUM] linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in
the Linux kernel did not properly validate elliptic curve parameters during
Diffie-Hellman key exchange in some situations. An attacker could use this
to expose sensitive information. (CVE-2018-5383)
It was discovered that a heap buffer overflow existed in the Marvell
Wireless LAN device driver for the Linux kernel. An attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-10126)
Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors
incorrectly handle SWAPGS instructions during speculative execution. A
local attacker could use this to expose sensitive information (ke
OSV
linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
osv·2019-08-13·CVSS 3.3
CVE-2018-13053 [LOW] linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the alarmtimer implementation in the Linux kernel
contained an integer overflow vulnerability. A local attacker could use
this to cause a denial of service. (CVE-2018-13053)
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
Wen Xu discovered that the f2fs file system implementation in the
Linux kernel did not properly validate metadata. An attacker could
use this to construct a malicious f2fs image that, when moun
OSV
CVE-2018-5383: Bluetooth firmware or operating system software drivers in macOS versions before 10
osv·2018-08-07·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: Bluetooth firmware or operating system software drivers in macOS versions before 10
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
VulnCheck
ti wl18xx_bluetooth_service_pack Missing Cryptographic Step
vulncheck·2018·CVSS 6.8
CVE-2018-5383 [MEDIUM] ti wl18xx_bluetooth_service_pack Missing Cryptographic Step
ti wl18xx_bluetooth_service_pack Missing Cryptographic Step
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Affected: ti wl18xx_bluetooth_service_pack
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Known Ransomware Campaign Use: Known
Exploitation References: https://www.csk.gov.in/alerts/STOP_ransomware.html
Ubuntu
Linux firmware vulnerability
vendor_ubuntu·2020-05-06
CVE-2018-5383 Linux firmware vulnerability
Title: Linux firmware vulnerability
Summary: The system could be made to expose sensitive information.
Eli Biham and Lior Neumann discovered that certain Bluetooth devices
incorrectly validated key exchange parameters. An attacker could possibly
use this issue to obtain sensitive information.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Ubuntu
Linux kernel (AWS) vulnerabilities
vendor_ubuntu·2019-09-02·CVSS 3.3
CVE-2018-13053 [LOW] Linux kernel (AWS) vulnerabilities
Title: Linux kernel (AWS) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the alarmtimer implementation in the Linux kernel
contained an integer overflow vulnerability. A local attacker could use
this to cause a denial of service. (CVE-2018-13053)
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
Wen Xu discovered that the f2fs file system implementation in the Linux
kernel did not properly validate metadata. An attacker could use this to
construct a malicious f2fs image that, when mounted, could cause a denial
of serv
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities
vendor_ubuntu·2019-08-13·CVSS 6.8
CVE-2018-5383 [MEDIUM] Linux kernel (Xenial HWE) vulnerabilities
Title: Linux kernel (Xenial HWE) vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
USN-4095-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 ESM.
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in
the Linux kernel did not properly validate elliptic curve parameters during
Diffie-Hellman key exchange in some situations. An attacker could use this
to expose sensitive information. (CVE-2018-5383)
It was discovered that a heap buffer overflow existed in the Marvell
Wireless LAN device driver for the Linux kernel. An attacker could use this
to cause a denial of service (system crash) or po
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2019-08-13·CVSS 3.3
CVE-2018-13053 [LOW] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
It was discovered that the alarmtimer implementation in the Linux kernel
contained an integer overflow vulnerability. A local attacker could use
this to cause a denial of service. (CVE-2018-13053)
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
Wen Xu discovered that the f2fs file system implementation in the
Linux kernel did not properly validate metadata. An attacker could
use this to construct a malicious f2fs image that, when mounted,
could cause a denial of service (s
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2019-08-13·CVSS 6.8
CVE-2018-5383 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the Linux kernel.
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in
the Linux kernel did not properly validate elliptic curve parameters during
Diffie-Hellman key exchange in some situations. An attacker could use this
to expose sensitive information. (CVE-2018-5383)
It was discovered that a heap buffer overflow existed in the Marvell
Wireless LAN device driver for the Linux kernel. An attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-10126)
Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors
incorrectly handle SWAPGS instructions during speculative execution. A
local attacker could use this to expose
Apple
CVE-2018-5383: macOS Mojave 10.14
vendor_apple·2018-09-24·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: macOS Mojave 10.14
Apple Security Update: About the security content of macOS Mojave 10.14
Product: macOS Mojave
Version: 10.14
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
Apple
CVE-2018-5383: iOS 12
vendor_apple·2018-09-17·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: iOS 12
Apple Security Update: About the security content of iOS 12
Product: iOS
Version: 12
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
Apple
CVE-2018-5383: tvOS 12
vendor_apple·2018-09-17·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: tvOS 12
Apple Security Update: About the security content of tvOS 12
Product: tvOS
Version: 12
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
Red Hat
kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
vendor_redhat·2018-07-23·CVSS 6.8
CVE-2018-5383 [MEDIUM] CWE-325 kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
A vulnerability in Bluetooth pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth devices. This may result in information
Apple
CVE-2018-5383: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
vendor_apple·2018-07-09·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
Apple Security Update: About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
Product: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
Android
CVE-2018-5383: Bluetooth
vendor_android·2018-06-01·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: Bluetooth
Android Security Bulletin 2018-06-01
CVE: CVE-2018-5383
Severity: HIGH
Type: ID
Component: Bluetooth
References: A-73665456*
B-CS4906525
Apple
CVE-2018-5383: macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan
vendor_apple·2018-06-01·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan
Apple Security Update: About the security content of macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan
Product: macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
Apple
CVE-2018-5383: iOS 11.4
vendor_apple·2018-05-29·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: iOS 11.4
Apple Security Update: About the security content of iOS 11.4
Product: iOS
Version: 11.4
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
Apple
CVE-2018-5383: watchOS 4.3.1
vendor_apple·2018-05-29·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: watchOS 4.3.1
Apple Security Update: About the security content of watchOS 4.3.1
Product: watchOS
Version: 4.3.1
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Apple
CVE-2018-5383: tvOS 11.4
vendor_apple·2018-05-29·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: tvOS 11.4
Apple Security Update: About the security content of tvOS 11.4
Product: tvOS
Version: 11.4
CVE: CVE-2018-5383
Component: Bluetooth
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
Debian
CVE-2018-5383: firmware-nonfree - Bluetooth firmware or operating system software drivers in macOS versions before...
vendor_debian·2018·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383: firmware-nonfree - Bluetooth firmware or operating system software drivers in macOS versions before...
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Scope: local
bookworm: resolved (fixed in 20190114-1)
bullseye: resolved (fixed in 20190114-1)
forky: resolved (fixed in 20190114-1)
sid: resolved (fixed in 20190114-1)
trixie: resolved (fixed in 20190114-1)
No detection rules found.
No public exploits indexed.
arXiv
InternalBlue - Bluetooth Binary Patching and Experimentation Framework
arxiv_fulltext·2019-05-02
InternalBlue - Bluetooth Binary Patching and Experimentation Framework
[InternalBlue]InternalBlue -- Bluetooth Binary Patching and \ Framework
InternalBlue
[1]0x#1
1
Authors blinded for review.
Dennis Mantz
[email protected]
TU Darmstadt, Secure Mobile Networking Lab
Darmstadt
Germany
Jiska Classen
[email protected]
TU Darmstadt, Secure Mobile Networking Lab
Darmstadt
Germany
Matthias Schulz
[email protected]
TU Darmstadt, Secure Mobile Networking Lab
Darmstadt
Germany
Matthias Hollick
[email protected]
TU Darmstadt, Secure Mobile Networking Lab
Darmstadt
Germany
## Abstract
Bluetooth is one of the most established technologies for short range digital
wireless data transmission. With the advent of wearables and the
IoT, Bluetooth has again gained importance, which makes security research and protocol optimizations imperative.
Surprisingly, there
Bugzilla
CVE-2018-5383 kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange [fedora-all]
bugzilla·2018-08-14·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383 kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange [fedora-all]
CVE-2018-5383 kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fe
Bugzilla
CVE-2018-5383 linux-firmware: kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange [fedora-all]
bugzilla·2018-08-14·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383 linux-firmware: kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange [fedora-all]
CVE-2018-5383 linux-firmware: kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM chan
Bugzilla
CVE-2018-5383 kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
bugzilla·2018-08-09·CVSS 6.8
CVE-2018-5383 [MEDIUM] CVE-2018-5383 kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
CVE-2018-5383 kernel: Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
A vulnerability in Bluetooth pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth devices. This may result in information disclosure, elevation of privilege and/or denial of service.
External References:
https://www.kb.cert.org/vuls/id/304725
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00128.html
https://www.bluetooth.com/news/unknown/2018/07/bluetooth-sig-security-update
Discussion:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1
Sentinelone
Bluetooth Attacks | Don’t Let Your Endpoints Down
blogs_sentinelone·2019-06-10
Bluetooth Attacks | Don’t Let Your Endpoints Down
As attackers have proven time and time again, a single weakness can compromise a system or network if defenders aren’t both informed and watchful. When it comes to leveraging vulnerabilities on the device, one area that is frequently overlooked is Bluetooth. This low-powered wireless technology is on every endpoint, widely used in Internet of Things (IoT) devices, is often active and is usually discoverable by default. What threats does Bluetooth wireless technology present and what can you do to prevent them? In this post, we take a look at Bluetooth vulnerabilities that affect the enterprise. We’ll also explain how you can mitigate risks from Bluetooth to ensure your network’s weakest link isn’t an unprotected wireless connection just waiting to be discovered.
## What’s the Problem With
Sentinelone
Bluetooth Attacks | Don’t Let Your Endpoints Down
blogs_sentinelone·2019-06-10
Bluetooth Attacks | Don’t Let Your Endpoints Down
As attackers have proven time and time again, a single weakness can compromise a system or network if defenders aren’t both informed and watchful. When it comes to leveraging vulnerabilities on the device, one area that is frequently overlooked is Bluetooth. This low-powered wireless technology is on every endpoint, widely used in Internet of Things (IoT) devices, is often active and is usually discoverable by default. What threats does Bluetooth wireless technology present and what can you do to prevent them? In this post, we take a look at Bluetooth vulnerabilities that affect the enterprise. We’ll also explain how you can mitigate risks from Bluetooth to ensure your network’s weakest link isn’t an unprotected wireless connection just waiting to be discovered.
## What’s the Problem With
http://www.cs.technion.ac.il/~biham/BT/http://www.securityfocus.com/bid/104879http://www.securitytracker.com/id/1041432https://access.redhat.com/errata/RHSA-2019:2169https://lists.debian.org/debian-lts-announce/2019/04/msg00005.htmlhttps://usn.ubuntu.com/4094-1/https://usn.ubuntu.com/4095-1/https://usn.ubuntu.com/4095-2/https://usn.ubuntu.com/4118-1/https://usn.ubuntu.com/4351-1/https://www.bluetooth.com/news/unknown/2018/07/bluetooth-sig-security-updatehttps://www.kb.cert.org/vuls/id/304725http://www.cs.technion.ac.il/~biham/BT/http://www.securityfocus.com/bid/104879http://www.securitytracker.com/id/1041432https://access.redhat.com/errata/RHSA-2019:2169https://lists.debian.org/debian-lts-announce/2019/04/msg00005.htmlhttps://usn.ubuntu.com/4094-1/https://usn.ubuntu.com/4095-1/https://usn.ubuntu.com/4095-2/https://usn.ubuntu.com/4118-1/https://usn.ubuntu.com/4351-1/https://www.bluetooth.com/news/unknown/2018/07/bluetooth-sig-security-updatehttps://www.kb.cert.org/vuls/id/304725
2018-08-07
Published
Exploited in the wild