USN-3856-1: GNOME Bluetooth vulnerability

USN-3856-1: GNOME Bluetooth vulnerability

gnome-bluetooth vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS

Summary

GNOME Bluetooth could allow unintended access to devices.

Software Description

• gnome-bluetooth – GNOME Bluetooth tools

Details

Chris Marchesi discovered that BlueZ incorrectly handled disabling
Bluetooth visibility. A remote attacker could possibly pair to devices,
contrary to expectations. This update adds a workaround to GNOME Bluetooth
to fix the issue.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

gnome-bluetooth – 3.28.0-2ubuntu0.1

libgnome-bluetooth13 – 3.28.0-2ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

• CVE-2018-10910

Source: USN-3856-1: GNOME Bluetooth vulnerability