A vulnerability in Bluetooth pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth devices. This may result in information disclosure, elevation of privilege and/or denial of service.
Find out more about CVE-2018-5383 from the MITRE CVE dictionary dictionary and NIST NVD.
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
CVSS3 Base Score | 7.1 |
---|---|
CVSS3 Base Metrics | CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
Attack Vector | Adjacent Network |
Attack Complexity | High |
Privileges Required | None |
User Interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity Impact | High |
Availability Impact | High |
Platform | Package | State |
---|---|---|
Red Hat Virtualization 4 | linux-firmware | Not affected |
Red Hat Enterprise MRG 2 | linux-firmware | Affected |
Red Hat Enterprise Linux 7 | linux-firmware | Affected |