Home » Gadgets » Bluetooth: Critical Security Gaps Enable Device Transfer

Bluetooth: Critical Security Gaps Enable Device Transfer

Tuesday, September 12th, 2017 | Gadgets

In the Bluetooth implementations of almost all current operating systems, researchers have discovered some critical security gaps. These allow an attacker to execute arbitrary code on the device – without prior pairing.

According to the security firm Armis, which has found the error, the company has up to five billion devices worldwide, two billion with Android, two billion with Windows and around one billion Apple devices. Of the different Bluetooth versions, only Bluetooth Low Energy is not to be affected (search in detail in PDF)
Direct device access is possible
The security gaps lie not in the Bluetooth protocol, but in the respective Bluetooth stacks. Attackers could, in contrast to the WLAN security gap in Broadcom chips, get some direct access to devices, there is no intermediate step necessary, writes Armis.

Numerous manufacturers have already made patches. Google was first informed on April 19, the vulnerabilities in Android were fixed with the security patches of September 4th. Google has patched the vulnerabilities in the Android versions from version 6 onwards. Microsoft has provided updates on September 12th. According to Armis, Samsung has not reported back on multiple requests.

The big Linux distributions and the kernel developers want to provide patches at short notice. According to Red Hat, the activation of Kernel Stack Protection prevents the vulnerability from being exploited. Apple products with new operating system versions are not to be affected.
The impact of the weak points varies according to the operating system. On Windows, a man-in-the-middle attack can be performed (CVE-2017-8628). All Linux devices from kernel version 3.3.-rc1 are affected by the possibility of code execution (Remote Code Execution, RCE). For this purpose, stack overflow is used in L2CAP.
Also under Android it is above all memory errors, which lead to the undesirable behavior. For a successful exploit no interactions of the users, no active pairing and no authorization are necessary, the security researchers write.

Related

Nicky Hayden: Prosecutor arrests part gu

22 September 2017 – 13:05 Investigation concluded: According to the prosecutor's office, the

Airline Insolvency - German government a

"The Air Berlin model as a stand-alone airline has failed", said State Secretary

Rihanna Blonde Hair

Rihanna Blonde Hair Rihanna Blonde Hair Vlogs HOW TO GET MASSIVE LASHES! Rihanna

Minecraft: Players are now building cros

The latest update for the minecraft game Minecraft is called Better Together Update.