Bug 1960012 (CVE-2020-26556) - CVE-2020-26556 kernel: malleable commitment Bluetooth Mesh Provisioning
Keywords:
Status: NEW
Alias: CVE-2020-26556
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Duplicates: 1963416
Depends On: 1969622 1969623 1969624
Blocks: 1969593
Reported: 2021-05-12 19:15 UTC by Guilherme de Almeida Suckevicz
Modified: 2023-09-19 14:13 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Description Guilherme de Almeida Suckevicz 2021-05-12 19:15:26 UTC
The authentication protocol in the Bluetooth® Mesh Profile Specification versions 1.0 and 1.0.1 is vulnerable if the AuthValue can be identified during the provisioning procedure, even if the AuthValue is selected randomly. If an attacker can identify the AuthValue used before the provisioning procedure times out, it is possible to complete the provisioning operation and obtain a NetKey.

Comment 14 Rohit Keshri 2021-06-08 18:43:39 UTC
Created bluez tracking bugs for this issue:

Affects: fedora-all [bug 1969622]

Comment 16 Rohit Keshri 2021-08-01 16:44:01 UTC
*** Bug 1963416 has been marked as a duplicate of this bug. ***

