[Security] Issues in bluetooth and vt

There is a rather serious security issue in the bluetooth stack in every kernel from 4.8 to 5.9 included. It’s called BleedingTooth.

Fixes are already available and should soon arrive in every supported kernel.

There is also another security issue in VT (virtual terminal), CVE-2020-25656.

4 Likes

Just to check my own sanity, if i completely disabled Bluetooth on OS level and bios level, i should have been safe even before that patch? :upside_down_face:

Yes I think so, but I’m not a security expert :slight_smile:

1 Like

so good that we do not enable BT per default on EndeavourOS :nerd_face:

7 Likes

Yeah, that’s a huge plus for EndeavourOS in my book.
:+1:t3:

2 Likes

…and so sad that nowadays you rarely find hardware switches on laptops :frowning:
My old X200 had such a switch which could turn both WiFi and BT on/off.

2 Likes

Patches are now available: https://lore.kernel.org/patchwork/patch/1321887/

Yep, my older VAIO also have hardware switch for all wireless networking as well - what a great idea it is, especially this days!