A vulnerability in Bluetooth pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth devices. This may result in information disclosure, elevation of privilege and/or denial of service. External References: https://www.kb.cert.org/vuls/id/304725 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00128.html https://www.bluetooth.com/news/unknown/2018/07/bluetooth-sig-security-update
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1615683]
Created linux-firmware tracking bugs for this issue: Affects: fedora-all [bug 1615706]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2169 https://access.redhat.com/errata/RHSA-2019:2169
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-5383