CVE-2020-12351/12352/24490: Linux Bluetooth Protocol Remote Code Execution Vulnerability Alert

On October 13, 2020, Google security researchers disclosed three vulnerabilities in the Bluetooth protocol stack of the Linux kernel. The vulnerability numbers are CVE-2020-12351, CVE-2020-12352, and CVE-2020-24490, including one high-risk vulnerability and two medium-risk vulnerabilities.
A remote attacker can conduct remote code execution without user interaction by sending specially crafted request content to the affected host. The POC and vulnerability details have been disclosed.

Intel addressed the security issue in a Tuesday advisory, recommending that users update the Linux kernel to version 5.9 or later.

Vulnerability Detail

CVEID: CVE-2020-12351

Description: Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

CVSS Base Score:  8.3 High

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2020-12352

Description: Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

CVSS Base Score:  5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVEID: CVE-2020-24490

Description: Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS Base Score:  5.3 Medium

CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected version

All Linux kernel versions that support BlueZ. Some commonly affected Linux distributions include:

  • Red Hat Enterprise Linux 7/8
  • Ubuntu 20.04 LTS
  • Debian 9/10/11

Solution

In this regard, we recommend that users upgrade Linux-kernel to the latest version in time. It is recommended to update the Linux kernel to version 5.9 or higher. Installing the following kernel fixes to address these issues: