CVE-2020-12352
Published: 14 October 2020
Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
From the Ubuntu Security Team
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory).
Notes
| Author | Note |
|---|---|
| sbeattie | introduced in 3.6 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-122.124)
|
| focal |
Released
(5.4.0-52.57)
|
|
| groovy |
Not vulnerable
(5.8.0-25.26)
|
|
| trusty |
Ignored
(was needed ESM criteria)
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Released
(4.4.0-197.229)
|
|
|
Patches: Introduced by 47f2d97d38816aaca94c9b6961c6eff1cfcd0bd6 |
||
|
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Not vulnerable
(CONFIG_BT not set)
|
|
| groovy |
Not vulnerable
(CONFIG_BT not set)
|
|
| trusty |
Not vulnerable
(CONFIG_BT not set)
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Not vulnerable
(CONFIG_BT not set)
|
|
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Not vulnerable
(CONFIG_BT not set)
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Not vulnerable
(CONFIG_BT not set)
|
|
| groovy |
Not vulnerable
(CONFIG_BT not set)
|
|
| trusty |
Not vulnerable
(CONFIG_BT not set)
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Not vulnerable
(CONFIG_BT not set)
|
|
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(CONFIG_BT not set)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Not vulnerable
(cloud-only kernel)
|
|
| groovy |
Not vulnerable
(cloud-only kernel)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Not vulnerable
(cloud-only kernel)
|
|
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.4 Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1029.31~18.04.1)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-gkeop-5.4 Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1004.5)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Ignored
(converted to linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Released
(4.15.0-122.124~16.04.1)
|
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-52.57~18.04.1)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Pending
(5.8.0-25.26~20.04.1)
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(CONFIG_BT not set)
|
| focal |
Not vulnerable
(CONFIG_BT not set)
|
|
| groovy |
Not vulnerable
(CONFIG_BT not set)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Not vulnerable
(CONFIG_BT not set)
|
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Released
(4.4.0-197.229~14.04.1)
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1100.110)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.6.0-1032.33)
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.0.0-1070.76)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Not vulnerable
(cloud-only kernel)
|
|
| groovy |
Not vulnerable
(cloud-only kernel)
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Not vulnerable
(cloud-only kernel)
|
|
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(cloud-only kernel)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(cloud-only kernel)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.4.0-1022.25)
|
|
| groovy |
Not vulnerable
(5.8.0-1006.9)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1022.25~18.04.1)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1074.79)
|
| focal |
Ignored
(replaced by linux-raspi)
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Released
(4.4.0-1142.152)
|
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.3.0-1036.38)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.4.0-37.42)
|
|
| groovy |
Not vulnerable
(5.8.0-7.7)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Does not exist
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1090.99)
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.10~rc1)
|
|
| xenial |
Released
(4.4.0-1146.156)
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack vector | Adjacent |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12352
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
- https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq
- https://lore.kernel.org/linux-bluetooth/20200806181714.3216076-1-luiz.dentz@gmail.com/
- https://git.kernel.org/linus/eddb7732119d53400f48a02536a84c509692faa8
- https://ubuntu.com/security/notices/USN-4592-1
- https://ubuntu.com/security/notices/USN-4591-1
- https://ubuntu.com/security/notices/USN-4657-1
- NVD
- Launchpad
- Debian