BleedingTooth is the name given to a group of zero-click vulnerabilities in the Linux Bluetooth subsystem that can allow a remote and unauthenticated attacker to execute arbitrary code on the system with kernel privileges, the only thing necessary is that the computer has Bluetooth on and the attacker is within close range, or at least within range of the Bluetooth device.
This vulnerability was disclosed by Intel and I classify it as high severity as the flaws affect BlueZ, the software stack that implements all Bluetooth core layers and protocols for Linux by default.
What BleedingTooth does and what we can do?
BlueZ is used in laptops, and other products such as the Internet of Things, which is worth noting are almost never updated. This vulnerability does not require the user to do anything, not a false click, only that the Bluetooth is turned on.
Intel currently recommends that we upgrade to Linux kernel 5.10 or later, a kernel that will not be released until December 2020 if there is no eventuality. That is, the vulnerability affects all current Linux kernel versions that support BlueZ.
Something that we must bear in mind is that laptops with Linux and countless IoT devices are still exposed, and the latter in particular, we know that they are a security nightmare due to the little care that is taken in this regard with them and what unless we can wait for a patch to be released to fix this vulnerability since in reality, very little is known about BleedingTooth, and at the moment we only have the brief announcement from Intel with which we can inform ourselves.
