According to the latest news, American tech giants Google and Intel have discovered a serious Bluetooth flaw in the new version of the Linux kernel. A Google researcher explained that the bug allows attackers within Bluetooth range to execute code seamlessly. Google and Intel have pointed out that the flaw resides in the BlueZ software stack. BlueZ implements all core Bluetooth protocols in Linux and is used in Linux laptops and in various IoT devices. The flaw is mostly found in Linux-based laptops and devices running Linux versions 2.4.6 and higher.
Andy Nguyen, a Google engineer, has named this flaw “BleedingTooth”. He has posted about it on his blog and has also uploaded a video of it. If you are eager to know more details, refer to this Tweet thread.
Andy Nguyen posted: “BleedingTooth is a set of zero-click vulnerabilities in the Linux Bluetooth subsystem that can allow an unauthenticated, remote attacker in short distance to execute arbitrary code with kernel privileges on vulnerable devices.”
Andy Nguyen said that his discovery was inspired by other research that led to BlueBorne. BlueBorne is a similar proof-of-concept exploit that allowed attackers to send commands without users clicking on any links or making any physical contact with the device.
Intel, on the other hand, has issued an advisory in which it has assigned a severity score of 8.3 out of 10. Intel’s advisory states, “Potential security vulnerabilities in BlueZ may allow escalation of privilege or information disclosure. BlueZ is releasing Linux kernel fixes to address these potential vulnerabilities.”
Although the vulnerability looks severe, experts say there is no reason to panic, because BleedingTooth requires attackers to be within Bluetooth range of the vulnerable device. It also requires a high level of knowledge and does not work on every Bluetooth device.
Google researcher Andy Nguyen (@theflow0) posted: “BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution. Blog post available soon on: security.googleblog.com. Google Security Research Repository: github.com/google/securit ”
Intel, for its part, posted this security advisory, here.