CVE-2021-21367 – Incorrect Authorization in switchboard-plug-bluetooth
https://notcve.org/view.php?id=CVE-2021-21367
Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. When the Bluetooth plug is running (in discoverable mode), Bluetooth service requests and pairing requests are automatically accepted, allowing physically proximate attackers to pair with a device running an affected version of switchboard-plug-bluetooth without the active consent of the user. By default, elementary OS doesn't expose any services via Bluetooth that allow information to be extracted by paired Bluetooth devices. However, if such services (i.e. contact list sharing software) have been installed, it's possible that attackers have been able to extract data from such services without authorization. If no such services have been installed, attackers are only able to pair with a device running an affected version without authorization and then play audio out of the device or possibly present a HID device (keyboard, mouse, etc...) to control the device. • https://github.com/elementary/switchboard-plug-bluetooth/commit/86500e645a907538abafe5225b67cc12c03e7645 https://github.com/elementary/switchboard-plug-bluetooth/releases/tag/2.3.5 https://github.com/elementary/switchboard-plug-bluetooth/security/advisories/GHSA-5p3g-j69g-w2mq https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV7WKO5SZHTF3QEMX4WZ576HRECIG6VQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O7TCGM4B45VLUJDCE5PHFYA5KBNHD4RA https://lists.fedoraproject • CWE-863: Incorrect Authorization •