Google and Intel have disclosed a serious Bluetooth flaw in recent versions of the Linux kernel. According to the Google researcher who found it, the bug lets an attacker within Bluetooth range execute code on the target without any user interaction.
According to the companies, the flaw lies in BlueZ, the software stack that implements the core Bluetooth protocols on Linux; the vulnerable code is the kernel-side part of that stack, the Linux Bluetooth subsystem. BlueZ ships on Linux laptops and on many IoT devices running Linux 2.4.6 or later.
Google engineer Andy Nguyen, who named the flaw “BleedingTooth,” said a detailed blog post will follow. In the meantime he has published a Tweet thread describing the issue and a video demonstrating it.
The researcher wrote, “BleedingTooth is a set of zero-click vulnerabilities in the Linux Bluetooth subsystem that can allow an unauthenticated, remote attacker in short distance to execute arbitrary code with kernel privileges on vulnerable devices.”
He said his discovery was inspired by the research behind BlueBorne, an earlier set of Bluetooth vulnerabilities whose proof-of-concept exploits let attackers take control of a device over the air without the user clicking a link or making any physical contact with it.
Intel has also issued an advisory that assigns the issue a severity score of 8.3 out of 10. The advisory states, “Potential security vulnerabilities in BlueZ may allow escalation of privilege or information disclosure. BlueZ is releasing Linux kernel fixes to address these potential vulnerabilities.”
Even though the vulnerability looks severe, experts say there is no reason to panic. BleedingTooth requires the attacker to be within Bluetooth range of the vulnerable device, exploitation demands considerable skill, and only devices running a vulnerable Linux kernel with Bluetooth enabled are reachable, not every Bluetooth device in the world. Until a fixed kernel is installed, the practical mitigation is to keep Bluetooth switched off on machines that do not need it.
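Because the attack surface only exists when the in-kernel Bluetooth stack is loaded and an adapter radio is actually on, the first thing an administrator wants to know is whether a given Linux host is reachable over the air at all. The script below is an added example written for this article; it is not code from the article, from Google, or from the BlueZ project. It assumes the standard sysfs layout (the `/sys/class/bluetooth` directory is created when the Bluetooth subsystem initialises, each controller appears there as `hciN`, and rfkill switches are exposed under `/sys/class/rfkill`); the directory paths are parameters so the logic can be exercised against a constructed tree as well as a live machine. The `bt_disable` helper shows the interim mitigation (radio off, daemon stopped) and must run as root.

```shell
#!/bin/sh
# Added example (not from the article or the BlueZ project): report whether
# this Linux host exposes the kernel Bluetooth subsystem over the air.
#
# bt_exposure SYSFS_BT_DIR RFKILL_DIR
#   SYSFS_BT_DIR  normally /sys/class/bluetooth (assumption: created when the
#                 Bluetooth subsystem initialises, modular or built-in)
#   RFKILL_DIR    normally /sys/class/rfkill (assumption: one rfkillN entry per
#                 switch, with "type", "soft" and "hard" files)
# Prints exactly one of: not-loaded, no-adapter, radio-blocked, exposed.
# Returns 0 only for "exposed", so it can drive a fleet check or a cron alert.
bt_exposure() {
    sysdir="$1"
    rfkdir="$2"

    # No class directory means the Bluetooth stack never initialised:
    # nothing listens for over-the-air packets, BleedingTooth cannot reach it.
    [ -d "$sysdir" ] || { echo not-loaded; return 1; }

    # The stack is loaded, but without a registered controller (hci0, hci1, ...)
    # there is no radio for a remote attacker to talk to.
    present=0
    for hci in "$sysdir"/hci*; do
        [ -e "$hci" ] && present=1
    done
    [ "$present" -eq 1 ] || { echo no-adapter; return 1; }

    # A controller that is rfkill-blocked (soft or hard) is powered down even
    # though its hciN entry stays in sysfs, so treat it as not reachable.
    seen=0
    unblocked=0
    for rk in "$rfkdir"/rfkill*; do
        [ -f "$rk/type" ] || continue
        [ "$(cat "$rk/type")" = "bluetooth" ] || continue
        seen=1
        if [ "$(cat "$rk/soft")" = "0" ] && [ "$(cat "$rk/hard")" = "0" ]; then
            unblocked=1
        fi
    done
    if [ "$seen" -eq 1 ] && [ "$unblocked" -eq 0 ]; then
        echo radio-blocked
        return 1
    fi

    echo exposed
    return 0
}

# Interim mitigation until a fixed kernel is booted: block the radio and stop
# the user-space daemon so nothing powers the controller back on. Run as root.
bt_disable() {
    rfkill block bluetooth
    systemctl disable --now bluetooth.service
}

# Live check when invoked directly: ./bt-check.sh --check
if [ "${1:-}" = "--check" ]; then
    bt_exposure /sys/class/bluetooth /sys/class/rfkill
fi
```

On a host that prints `exposed`, the remaining decision is whether Bluetooth is actually needed there; if not, `bt_disable` removes the attack surface immediately, and the hci entry will then report `radio-blocked` on the next check.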