Navigation

    UBports Robot Logo

    UBports Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search

    [security][solved] Can we get BlueBorne (Bluetooth vulnerabilities) fixed in OTA-2 or OTA-1 hotfix?

    OS
    6
    12
    2568
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Talkless last edited by Talkless

      Here's some news link:

      https://arstechnica.com/information-technology/2017/09/bluetooth-bugs-open-billions-of-devices-to-attacks-no-clicking-required/

      Ubuntu CVE pages:

      https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000251.html

      https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000250.html

      1 Reply Last reply Reply Quote 0
      • Flohack
        Flohack last edited by

        To be honest: We cannot do this so fast. We are a small team, and the patches we are talking here about need to be backported probably, which creates chance to introduce new errors, or in worst case new security flaws. The CVE 250 is fixed in Bluez, which means we could try to upgrade to a newer version in the same moment.

        The CVE 251 is a kernel patch, which is really painful, we would need to backport it to various 3.x kernel versions, which are all more or less end of life already. maybe someone can take a look if Android is backporting this for the older devices.

        Until we want to delay OTA-2 further to an unknown date I suggest releasing it without these patches, and make a hotfix later.

        BR

        M V 2 Replies Last reply Reply Quote 2
        • M
          Marathon2422 @Flohack last edited by Marathon2422

          @Flohack I am with you,on the not delaying part,I am near retirement,I want to see you guys take over the world before ~~~~~

          1 Reply Last reply Reply Quote 1
          • V
            vandys @Flohack last edited by

            @Flohack FYI, probably just got attacked at the local Cafe. Turned on BT for my external keyboard, but keyboard typing was locked up, then an authentication dialog box popped up. I shut the device down ASAP, will do a clean install since God knows what got scribbled.

            No BT in public for me until this is fixed!

            1 Reply Last reply Reply Quote 1
            • V
              vandys last edited by

              Ok, I've studied the CVE and the patches, and I'm pretty sure I can get this applied for the kernel source net/bluetooth/l2cap_core.c, at least on hammerhead. I can take a similar look if somebody can tell me how to check out the source which includes src/sdpd-request.c.

              1 Reply Last reply Reply Quote 0
              • U
                UniSuperBox last edited by UniSuperBox

                This issue has already been fixed in the hammerhead kernel via this commit. I believe a pull from the upstream Fairphone kernel fixed it, too, but I'll need to get confirmation.

                This fix has not been released to anything but the devel channel.

                1 Reply Last reply Reply Quote 0
                • T
                  Talkless last edited by

                  From Community Update 15:

                  People have been asking about the KRACK and BlueBorne vulnerabilities lately, and for good reason. These are highly public explots. Both have been fixed in the RC and Devel channels, with the fixes landing in Stable with the next OTA.

                  Lakotaubp 1 Reply Last reply Reply Quote 0
                  • Lakotaubp
                    Lakotaubp @Talkless last edited by

                    @Talkless Are they todays OTA's or future ones. Thanks

                    T 1 Reply Last reply Reply Quote 0
                    • T
                      Talkless @Lakotaubp last edited by

                      @Lakota said in [security][solved] Can we get BlueBorne (Bluetooth vulnerabilities) fixed in OTA-2 or OTA-1 hotfix?:

                      @Talkless Are they todays OTA's or future ones. Thanks

                      "next OTA", the future one.

                      Lakotaubp 1 Reply Last reply Reply Quote 0
                      • Lakotaubp
                        Lakotaubp @Talkless last edited by

                        @Talkless Thanks for clearing that up. Wasn't sure only read your comments after yesterday OT A's.

                        T 1 Reply Last reply Reply Quote 0
                        • T
                          Talkless @Lakotaubp last edited by

                          @Lakota said in [security][solved] Can we get BlueBorne (Bluetooth vulnerabilities) fixed in OTA-2 or OTA-1 hotfix?:

                          @Talkless Thanks for clearing that up. Wasn't sure only read your comments after yesterday OT A's.

                          Uhm, what do you mean "after yesterday OT A's" ?

                          It will be fixed on OTA-3, if I understood correctly, which is not yet released AFAIK.

                          Lakotaubp 1 Reply Last reply Reply Quote 0
                          • Lakotaubp
                            Lakotaubp @Talkless last edited by

                            @Talkless Had forgotten mine are now on RC channel not stable and updated to r14 yesterday. Or am I getting mixed up with things and OTA's.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post