A vulnerability was found in Linux Kernel, where Passkey Entry protocol used in Secure Simple Pairing (SSP), Secure Connections (SC) and LE Secure Connections (LESC) of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any previous knowledge. Refer: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d19628f539fccf899298ff02ee4c73e4bf6df3f
Mitigation: Devices should not accept their own public key from a peer during a pairing session. The pairing procedure should be terminated with a failure status if this occurs.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1964968]
Bluez Fix: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738
Created bluez tracking bugs for this issue: Affects: fedora-all [bug 1965051]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4432 https://access.redhat.com/errata/RHSA-2021:4432
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-26558