Bug 1606203 (CVE-2018-10910)

Summary: CVE-2018-10910 bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices
Product: [Other] Security Response
Component: vulnerability
Reporter: Scott Gayou <sgayou>
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: low
Priority: low
Version: unspecified
CC: bnocera, darcari, dwmw2, dzickus, gtiwari, hwkernel-mgr, spacewar
Keywords: Security
Hardware: All
OS: Linux
Doc Text:
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication.
Last Closed: 2020-03-31 22:32:46 UTC
Bug Depends On: 1606371, 1606373, 1609340
Bug Blocks: 1594633

Description Scott Gayou 2018-07-20 18:55:53 UTC
A bug in bluez prevents the disabling of Bluetooth discoverability. In certain situations, this flaw could potentially lead to the unauthorized pairing of Bluetooth devices.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1602985

Comment 1 Scott Gayou 2018-07-20 19:39:13 UTC
Upstream workaround in gnome-bluetooth: https://gitlab.gnome.org/GNOME/gnome-bluetooth/commit/6b5086d42ea64d46277f3c93b43984f331d12f89

Note that the actual bug is not in gnome-bluetooth.

RHEL is not affected as RHEL-7 is running Gnome 3.26, which is not impacted.

Comment 2 Scott Gayou 2018-07-20 19:41:02 UTC
Created bluez tracking bugs for this issue:

Affects: fedora-all [bug 1606371]

Comment 5 Scott Gayou 2018-07-24 15:58:02 UTC
Acknowledgments:

Name: Chris Marchesi

Comment 8 Scott Gayou 2018-07-30 14:48:54 UTC
Mitigation:

Disable Bluetooth.
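
A defender-side check for the state named in the Doc Text (Discoverable left on), added here as an example and not part of the original bug report: it parses `bluetoothctl show` output and lists powered controllers that report `Discoverable: yes`. The sample output, addresses and the `--live` switch are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit BlueZ controllers for a lingering Discoverable state.
# Input is the text printed by `bluetoothctl show` (one or more
# "Controller <addr>" stanzas followed by "Key: value" lines).

discoverable_controllers() {
    # Prints the address of every controller that is powered on and
    # currently discoverable. "DiscoverableTimeout:" lines are ignored
    # because the first field must match "Discoverable:" exactly.
    awk '
        function report() {
            if (addr != "" && powered == "yes" && disc == "yes")
                print addr
        }
        $1 == "Controller"    { report(); addr = $2; powered = ""; disc = "" }
        $1 == "Powered:"      { powered = $2 }
        $1 == "Discoverable:" { disc = $2 }
        END { report() }
    '
}

# Constructed sample resembling `bluetoothctl show` output (not real devices).
SAMPLE='Controller 00:11:22:33:44:55 (public)
    Name: laptop
    Powered: yes
    Discoverable: yes
    DiscoverableTimeout: 0x000000b4
    Pairable: yes
Controller 66:77:88:99:AA:BB (public)
    Name: dongle
    Powered: yes
    Discoverable: no
    Pairable: yes
Controller CC:DD:EE:FF:00:11 (public)
    Name: spare
    Powered: no
    Discoverable: no
    Pairable: yes'

# Constructed switch: run with --live to query the local default controller.
if [ "${1:-}" = "--live" ]; then
    bluetoothctl show | discoverable_controllers
fi
```

The check reports only the current discoverable state; it cannot tell whether a Bluetooth agent is registered.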

Comment 9 Scott Gayou 2018-08-09 18:14:10 UTC
It appears that a fix was merged upstream and may be available in a future release of BlueZ 5.51. gnome-bluetooth-3.28.2 will take advantage of this fix.

Comment 10 errata-xmlrpc 2020-03-31 19:22:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:1101 https://access.redhat.com/errata/RHSA-2020:1101

Comment 11 Product Security DevOps Team 2020-03-31 22:32:46 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2018-10910

Comment 12 errata-xmlrpc 2020-04-28 16:06:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:1912 https://access.redhat.com/errata/RHSA-2020:1912