A flaw was found in the Linux kernel’s authentication protocol in the Bluetooth® Mesh Profile Specification. A vulnerability occurs if the AuthValue is identified during the provisioning procedure, even if the AuthValue is selected randomly. This flaw allows an attacker to identify the AuthValue used before the provisioning procedure times out, possibly completing the provisioning operation and obtaining a NetKey. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in the Linux kernel’s authentication protocol in the Bluetooth® Mesh Profile Specification. A vulnerability occurs if the AuthValue is identified during the provisioning procedure, even if the AuthValue is selected randomly. This flaw allows an attacker to identify the AuthValue used before the provisioning procedure times out, possibly completing the provisioning operation and obtaining a NetKey. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
It is recommended for devices to use AuthValues containing the maximum entropy permitted (128-bits) and randomly select a new AuthValue using a secure random number generator with each new provisioning attempt. A large entropy helps ensure that a brute of the AuthValue, even a static AuthValue, cannot be completed in a reasonable time.
Vulmon