diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-05-27 08:54:37 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-05-27 08:54:37 +0200 |
| commit | 210583c52793d38d39de2a830ee15c7ac9308f01 (patch) | |
| tree | a4fad4b659dec9a840f388c67af0e6ac575e1630 /active | |
| parent | 089990092d293c4d9a40feccdf5ed21157bc2558 (diff) | |
Add additional CVEs for bluetooth issues
Diffstat (limited to 'active')
| -rw-r--r-- | active/CVE-2020-26555 | 14 | ||||
| -rw-r--r-- | active/CVE-2020-26556 | 14 | ||||
| -rw-r--r-- | active/CVE-2020-26557 | 14 | ||||
| -rw-r--r-- | active/CVE-2020-26559 | 14 | ||||
| -rw-r--r-- | active/CVE-2020-26560 | 14 |
5 files changed, 70 insertions, 0 deletions
diff --git a/active/CVE-2020-26555 b/active/CVE-2020-26555 new file mode 100644 index 00000000..192e55e3 --- /dev/null +++ b/active/CVE-2020-26555 @@ -0,0 +1,14 @@ +Description: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-pin-pairing/ + https://bugzilla.redhat.com/show_bug.cgi?id=1918601 +Notes: +Bugs: +upstream: +5.10-upstream-stable: +4.19-upstream-stable: +4.9-upstream-stable: +sid: +4.19-buster-security: +4.9-stretch-security: diff --git a/active/CVE-2020-26556 b/active/CVE-2020-26556 new file mode 100644 index 00000000..8b113ff4 --- /dev/null +++ b/active/CVE-2020-26556 @@ -0,0 +1,14 @@ +Description: malleable commitment Bluetooth Mesh Provisioning +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/malleable/ + https://bugzilla.redhat.com/show_bug.cgi?id=1960012 +Notes: +Bugs: +upstream: +5.10-upstream-stable: +4.19-upstream-stable: +4.9-upstream-stable: +sid: +4.19-buster-security: +4.9-stretch-security: diff --git a/active/CVE-2020-26557 b/active/CVE-2020-26557 new file mode 100644 index 00000000..414a2551 --- /dev/null +++ b/active/CVE-2020-26557 @@ -0,0 +1,14 @@ +Description: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/ + https://bugzilla.redhat.com/show_bug.cgi?id=1960009 +Notes: +Bugs: +upstream: +5.10-upstream-stable: +4.19-upstream-stable: +4.9-upstream-stable: +sid: +4.19-buster-security: +4.9-stretch-security: diff --git a/active/CVE-2020-26559 b/active/CVE-2020-26559 new file mode 100644 index 00000000..7aa3d69b --- /dev/null +++ b/active/CVE-2020-26559 @@ -0,0 +1,14 @@ +Description: Authvalue leak in Bluetooth Mesh Provisioning +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/ + https://bugzilla.redhat.com/show_bug.cgi?id=1960011 +Notes: +Bugs: +upstream: +5.10-upstream-stable: +4.19-upstream-stable: +4.9-upstream-stable: +sid: +4.19-buster-security: +4.9-stretch-security: diff --git a/active/CVE-2020-26560 b/active/CVE-2020-26560 new file mode 100644 index 00000000..2af6da03 --- /dev/null +++ b/active/CVE-2020-26560 @@ -0,0 +1,14 @@ +Description: impersonation attack in Bluetooth Mesh Provisioning +References: + https://kb.cert.org/vuls/id/799380 + https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-mesh/ + https://bugzilla.redhat.com/show_bug.cgi?id=1959994 +Notes: +Bugs: +upstream: +5.10-upstream-stable: +4.19-upstream-stable: +4.9-upstream-stable: +sid: +4.19-buster-security: +4.9-stretch-security: |