How can we protect our equipment of vulnerabilities like the Zero-Click Bluetooth Flaws in Linux-based Devices?

---

I read the news about Google's warning of "Zero-Click Bluetooth Flaws in Linux-based Devices," and I am wondering if we can protect our equipment.

If our equipment is all up to date and patched, and we have a properly configured firewall, are we still vulnerable when there are flaws in the software like Zero-Click Bluetooth of the current Kernel?

I think it was a little over a year a go that that CVE-2019-17666 was found/announced by Nico Waisman. This was another bug in the kernel that affected Realtek Wireless cards. Apparently the bug had been in Kernel drivers for years. So, I wonder if a person who is a target or organized hackers (perhaps journalists or celebrities) if their it person had the system patched up as it should, could they still be hacked through vulnerabilities like these?

P.S. hey itpro.tv team, please publish a webinar in which you test for the buffer overflows vulnerabilities of these drivers, the bluetooth and Realtekk wireless cards, as well as to how would you penetrate a system through these.

Disable bluetooth

@Michael-McKenney You are a man of a few words, but from your answer, I infer updated software and firewalls don't protect us. Please correct me if I am wrong. Thank you

An interesting and important discussion for sure, @Veronica-Cisneros

This is the 'cat and mouse' security game that is played on a day-to-day basis.

Software is created and released.
Researchers/hackers find bugs.
Patches are released.
Researchers/hackers find bugs.
Patches are released.
Researchers/hacker find bugs.
Patches are released.
etc...

We can see that cycle played out in real life from this article that discusses the 'Zero-Click' / 'BleedingTooth' vulnerability.

https://www.zdnet.com/article/google-warns-of-severe-bleedingtooth-bluetooth-flaw-in-linux-kernel/

The article states...

"Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access,"

and then goes on to say...

"Intel says the BlueZ project is releasing Linux kernel fixes to address the high-severity flaw, as well as fixes for two medium-severity flaws, CVE-2020-12352 and CVE-2020-24490."

As you can see, systems are constantly phasing from a state of security to insecurity and back to security. And the more systems you have, the more difficult it is to secure them. This is why a constant cycle of security auditing and mitigations should be taking place with new, critical discoveries forcing out-of-band patches/updates/controls. And since humans still do the majority of software coding and system configurations, there are bound to be errors for security researchers to discover and exploit.

All that said, Michael's answer is a valid one. If you're not using bluetooth devices, or if this flaw had no patch or was unpatchable, then you would need to assess the risk of using bluetooth devices in your environment. You may just come to the conclusion that bluetooth isn't used enough to justify the risk is presents and then disable it as policy, You could also look for more secure alternatives that gives you similar functionality without the security issues.

Cheers,
Daniel

Blue tooth when active is pick up signals from anywhere. You have blue tooth on your phone. Get in your car, it connects to the console. You are in Star bucks, it can connect from another device. How do you put a firewall on your phone? Once in your phone the malware can connect to your wifi at home. My Fortinet 60E handles the policies for the 221-C access point connected to it. Does your wifi at home have corporate level firewall protection or just a normal modem/router?

@daniel-lowrie87 the cycle you describe is unfortunate. I wish I knew how to test the software to identify the vulnerabilities. This is why I thought that watching you do a buffer overflow of this newly found vulnerability is a good idea. I saw your video in the Penetration Testing course. Are those instructions good enough to examine this blue tooth vulnerability?

I would like to run my checks on the updated code every-time I patch my system. I imagine this is how I would identify problems, as opposed to being exposed for years.

@Michael-McKenney I'd like to implement firewall on my phone. Androids are forever hacked.

Firewalls and VPNs don't really touch Bluetooth technology. Turn off bluetooth when you don't need it. Keep the patches up to date. Use good anti-virus like Avast and their VPN.