Lucene search

Redhat.comRH:CVE-2020-25661

HistoryNov 03, 2020 - 11:01 a.m.

CVE-2020-25661

2020-11-0311:01:14

redhat.com

access.redhat.com

red hat

cve-2020-12351

linux kernel

bluetooth

l2cap packets

a2mp cid

remote attacker

denial of service

arbitrary code

vulnerability

confidentiality

integrity

system availability

mitigation

operating system

blocklisting kernel modules

modprobe rules

hardware disablement

bios disablement

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

66.6%

JSON

A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel’s Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent range to crash the system, causing a denial of service or potentially executing arbitrary code on the system by sending a specially crafted L2CAP packet. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Mitigation

To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at <https://access.redhat.com/solutions/2682931>.

Alternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.