REDHAT-BUG-2253391: Medium severity Bluetooth HID Profile vulnerability
The HID Profile in multiple Bluetooth host stacks may accept connections with the HID control and HID interrupt channels of the HID Host role without MITM protection/mitigation and without user confirmation on the Central role device. This can permit a device like a keyboard (or emulating a keyboard) to successfully connect to a discoverable device without confirmation and permit keystroke injection.
Patch: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=25a471a83e02e1effb15d5a488b3f0085eaeb675
Frequently Asked Questions
What is the severity of REDHAT-BUG-2253391?
The severity of REDHAT-BUG-2253391 is considered high due to the lack of MITM protection in Bluetooth HID connections.
How do I fix REDHAT-BUG-2253391?
To fix REDHAT-BUG-2253391, ensure that your Bluetooth HID stack is updated to the latest version provided by your vendor.
What devices are affected by REDHAT-BUG-2253391?
Devices using the Bluetooth HID Profile may be affected by REDHAT-BUG-2253391, especially those employing the HID Host role.
What are the potential risks of REDHAT-BUG-2253391?
The potential risks of REDHAT-BUG-2253391 include unauthorized access and data interception due to unprotected Bluetooth HID connections.
Is user confirmation required for connections in REDHAT-BUG-2253391?
No, REDHAT-BUG-2253391 indicates that user confirmation is not required for connections, increasing vulnerability.
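To check a BlueZ host's configuration as well as its package version, the following audit classifies the HID bonding setting in `input.conf`. It is an added example, not code from the advisory or from BlueZ. It assumes the relevant option is BlueZ's `ClassicBondedOnly` key in the `[General]` section, which this page does not name, and the sample file contents are constructed.

```python
import configparser
import sys

# Constructed input.conf samples (not taken from the page or any real host).
SAMPLE_EXPOSED = "[General]\nUserspaceHID=true\nClassicBondedOnly=false\n"
SAMPLE_DEFAULT = "[General]\n#ClassicBondedOnly=true\n"
SAMPLE_HARDENED = "[General]\nClassicBondedOnly=true\n"


def audit_input_conf(text):
    """Classify the ClassicBondedOnly setting found in input.conf text.

    'hardened'    - explicitly enabled: HID connections limited to bonded devices
    'exposed'     - explicitly disabled: unbonded HID connections are accepted
    'default'     - key absent or commented out: behaviour depends on whether
                    the installed BlueZ build includes the patch
    'unparseable' - file or value could not be interpreted; review by hand
    """
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    parser.optionxform = str  # keep key case; key-file names are case-sensitive
    try:
        parser.read_string(text)
    except configparser.Error:
        return "unparseable"
    if not parser.has_option("General", "ClassicBondedOnly"):
        return "default"
    value = parser.get("General", "ClassicBondedOnly").strip()
    # GLib key files accept exactly these lowercase boolean spellings.
    if value in ("true", "1"):
        return "hardened"
    if value in ("false", "0"):
        return "exposed"
    return "unparseable"


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Path supplied by the operator, e.g. the host's BlueZ input.conf.
        with open(sys.argv[1], encoding="utf-8") as fh:
            print(sys.argv[1], audit_input_conf(fh.read()))
    else:
        for name in ("SAMPLE_EXPOSED", "SAMPLE_DEFAULT", "SAMPLE_HARDENED"):
            print(name, audit_input_conf(globals()[name]))
```

A `default` result means the configuration file alone does not settle the question: confirm that the installed BlueZ package includes the linked patch, or set the key explicitly.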