Google warns of severe ‘BleedingTooth’ Bluetooth flaw in Linux kernel
A new vulnerability has been disclosed by Google, a high-severity flaw that affects Linux devices. The bug reportedly lies in the Bluetooth stack within Linux kernel versions 5.9 and below that support BlueZ. Cybersecurity firms are urging users to update the Linux kernel to version 5.9, which was released just two days ago. The high-severity Bluetooth flaw can lead to privilege escalation through remote access by an unauthenticated user.
Cybersecurity firm Intel stated that the BlueZ project is planning to release fixes for the high severity flaw alongside two others that pertain to medium risk flaws. Through leveraging the bug, a malicious actor could potentially enable information disclosure via adjacent access as well, which poses a significant threat to Linux users who store sensitive information on their devices.