Bug 1176442 - (CVE-2020-15802) VUL-0: CVE-2020-15802: kernel-source: hardware: BLURtooth: "Dual mode" hardware using CTKD are vulnerable to key overwrite
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Normal
Assigned To: Security Team bot
Depends on:
Reported: 2020-09-11 08:25 UTC by Marcus Meissner
Modified: 2022-05-09 13:31 UTC (History)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Marcus Meissner 2020-09-11 08:25:27 UTC

Bluetooth SIG Statement Regarding the Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy Vulnerability (BLURtooth)

Researchers at the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University have independently identified vulnerabilities related to Cross-Transport Key Derivation (CTKD) in implementations supporting pairing and encryption with both Bluetooth BR/EDR and LE in Bluetooth Specifications 4.2 through 5.0. The researchers identified that CTKD, when implemented according to older versions of the specification, may permit escalation of access between the two transports, with non-authenticated encryption keys replacing authenticated keys or weaker encryption keys replacing stronger encryption keys.

The researchers also identified that CTKD may permit a remote paired device to access some LE services if BR/EDR access is achieved or BR/EDR profiles if LE access is achieved. As this is the intended use of CTKD, these cross-transport procedures are not being considered vulnerabilities by the SIG.

For this attack to be successful, an attacking device would need to be within wireless range of a vulnerable Bluetooth device supporting both BR/EDR and LE transports that supports CTKD between the transports and permits pairing on either the BR/EDR or LE transport either with no authentication (e.g. JustWorks) or no user-controlled access restrictions on the availability of pairing. If a device spoofing another device’s identity becomes paired or bonded on a transport and CTKD is used to derive a key which then overwrites a pre-existing key of greater strength or that was created using authentication, then access to authenticated services may occur. This may permit a Man In The Middle (MITM) attack between devices previously bonded using authenticated pairing when those peer devices are both vulnerable.

The Bluetooth SIG is recommending that potentially vulnerable implementations introduce the restrictions on Cross-Transport Key Derivation mandated in Bluetooth Core Specification versions 5.1 and later.

The Bluetooth SIG is also broadly communicating details on this vulnerability and its remedies to our member companies and is encouraging them to rapidly integrate any necessary patches. As always, Bluetooth users should ensure they have installed the latest recommended updates from device and operating system manufacturers.

For more information, please refer to the statement from the CERT Coordination Center. https://www.kb.cert.org/vuls/id/589825/
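As an added illustration (not code from this bug, the kernel, or the Bluetooth SIG), a Python model of the overwrite restriction the statement recommends: a CTKD-derived key may only replace the existing key for the other transport if it is not weaker and does not drop authentication. Only key attributes are modelled, not the key material or the derivation itself, and all names are assumptions.

```python
from dataclasses import dataclass
from enum import Enum


class Transport(Enum):
    BR_EDR = "BR/EDR"
    LE = "LE"


OTHER = {Transport.BR_EDR: Transport.LE, Transport.LE: Transport.BR_EDR}


@dataclass(frozen=True)
class BondKey:
    """Attributes of a stored key; the key bytes themselves are not modelled."""
    transport: Transport
    authenticated: bool  # MITM-protected pairing (e.g. passkey); False for JustWorks
    key_size: int        # negotiated encryption key size in bytes (7..16)


def may_replace(existing: BondKey, derived: BondKey) -> bool:
    """Restriction as described in the advisory (Core Spec 5.1+ behaviour): a derived
    key must not replace an authenticated key with an unauthenticated one, nor a
    stronger key with a weaker one."""
    if existing.authenticated and not derived.authenticated:
        return False
    if derived.key_size < existing.key_size:
        return False
    return True


class KeyStore:
    def __init__(self, restrict_ctkd: bool):
        self.restrict_ctkd = restrict_ctkd
        self.keys = {}  # (peer, transport) -> BondKey

    def pair(self, peer: str, key: BondKey) -> bool:
        """Store a key from a direct pairing on key.transport, then apply CTKD to the
        other transport. Returns False if the derived key was rejected."""
        self.keys[(peer, key.transport)] = key
        derived = BondKey(OTHER[key.transport], key.authenticated, key.key_size)
        existing = self.keys.get((peer, derived.transport))
        if self.restrict_ctkd and existing and not may_replace(existing, derived):
            return False  # keep the pre-existing, stronger key
        self.keys[(peer, derived.transport)] = derived
        return True


def le_key_survives(restrict_ctkd: bool) -> bool:
    """Constructed scenario: peer bonded over LE with an authenticated 16-byte key,
    then an unauthenticated (JustWorks) BR/EDR pairing triggers CTKD towards LE."""
    store = KeyStore(restrict_ctkd)
    store.pair("peer", BondKey(Transport.LE, authenticated=True, key_size=16))
    store.pair("peer", BondKey(Transport.BR_EDR, authenticated=False, key_size=16))
    return store.keys[("peer", Transport.LE)].authenticated
```

Without the restriction the authenticated LE key is silently replaced by the unauthenticated derived key; with it, the original key is kept.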

Comment 1 Borislav Petkov 2020-10-16 10:39:59 UTC
Marcus, are you aware of any "patches" in the meantime?
Comment 2 Marcus Meissner 2020-10-16 11:57:03 UTC
not over the security channels.

al cho? any news over the bluetooth channels?
Comment 3 Al Cho 2020-10-19 15:20:13 UTC
(In reply to Marcus Meissner from comment #2)
> not over the security channels.
> al cho? any news over the bluetooth channels?

Hi Marcus,

No, there is no more information from upstream; following up.
Comment 7 Gabriele Sonnu 2022-05-09 13:31:28 UTC
No fixes available. Closing as WONTFIX.