Retire inactive issues

author: Ben Hutchings <ben@decadent.org.uk> 2022-02-25 03:01:20 +0100
committer: Ben Hutchings <ben@decadent.org.uk> 2022-02-25 03:01:20 +0100
commit: 48a9a9513a23b164588f78f42c492b1d05b462d2 (patch)
tree: 5a8d9581beb8035904ea135a82faa0e245cae9ea /retired/CVE-2020-26557
parent: 322eaf84fa0d24cdfa4acc99ff4a8d5635ab0654 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2020-26557 b/retired/CVE-2020-26557
new file mode 100644
index 00000000..4a86b8c4
--- /dev/null
+++ b/retired/CVE-2020-26557
@@ -0,0 +1,16 @@
+Description: predictable Authvalue in Bluetooth Mesh Provisioning Leads to MITM
+References:
+ https://kb.cert.org/vuls/id/799380
+ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1960009
+Notes:
+ bwh> Mesh provisioning seems to be handled in user-space.
+Bugs:
+upstream: N/A "Not implemented in kernel"
+5.10-upstream-stable: N/A "Not implemented in kernel"
+4.19-upstream-stable: N/A "Not implemented in kernel"
+4.9-upstream-stable: N/A "Not implemented in kernel"
+sid: N/A "Not implemented in kernel"
+5.10-bullseye-security: N/A "Not implemented in kernel"
+4.19-buster-security: N/A "Not implemented in kernel"
+4.9-stretch-security: N/A "Not implemented in kernel"
author	Ben Hutchings <ben@decadent.org.uk>	2022-02-25 03:01:20 +0100
committer	Ben Hutchings <ben@decadent.org.uk>	2022-02-25 03:01:20 +0100
commit	48a9a9513a23b164588f78f42c492b1d05b462d2 (patch)
tree	5a8d9581beb8035904ea135a82faa0e245cae9ea /retired/CVE-2020-26557
parent	322eaf84fa0d24cdfa4acc99ff4a8d5635ab0654 (diff)