Hello all o/
This is intentional. And easy to reverse.
The patch for CVE-2023-45866 works as intended and is not a regression. https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/input?id=25a471a83e02e1effb15d5a488b3f0085eaeb675
If ClassicBondedOnly is not enforced, a nearby attacker can create a HID (like a keyboard and mouse) on the victim's PC when Bluetooth is discoverable. An HID can be used as a keylogger or, of course, give direct control of the session. The CVE reporter has discussed this further on https://github.com/skysafe/reblog/tree/main/cve-2023-45866, and a talk and PoC release are forthcoming.
Fortunately, it is easy to enable legacy devices by setting `ClassicBondedOnly=false` in `/etc/bluetooth/input.conf`, and then running `systemctl restart bluetooth`. I verified that a PS3 controller works well after this :)
The fix will be included in the next BlueZ release. All distros *should* be fixing this CVE. I would love it if bloggers in the Linux gaming sphere could raise awareness about this CVE and share how to enable legacy bluetooth device support.
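As an added example (not code from the original post, from BlueZ, or from the CVE reporter), here is a small POSIX shell audit that classifies a BlueZ `input.conf` as enforcing or relaxing `ClassicBondedOnly`, and parses the controller's `Discoverable:` flag from `bluetoothctl show` output, since discoverability is the other precondition the post names. It assumes what the post states: that after the fix the BlueZ default enforces bonding, so an absent or commented-out key counts as enforced. The two sample config files and the sample `bluetoothctl show` output are constructed; `classic_bonded_only_state`, `discoverable_from_show_output`, `demo` and `live_check` are names chosen for this example.

```shell
#!/bin/sh
# Added example, not from the original post or from BlueZ.
# Audits the two conditions the post describes for CVE-2023-45866:
#   1. ClassicBondedOnly relaxed (=false) in /etc/bluetooth/input.conf
#   2. the controller being discoverable
# Assumption (as stated in the post): the post-fix default enforces bonding,
# so a missing file or a commented-out key is reported as "enforced".

# Print "relaxed" if the last uncommented ClassicBondedOnly assignment is
# false (case-insensitive), otherwise "enforced".
classic_bonded_only_state() {
    conf="$1"
    # No file at all: BlueZ falls back to its built-in default.
    [ -r "$conf" ] || { echo "enforced"; return 0; }
    # Match only lines that start with the key (so "#ClassicBondedOnly=..."
    # stays a comment), tolerate spaces around "=", drop trailing comments.
    value=$(sed -n \
        's/^[[:space:]]*ClassicBondedOnly[[:space:]]*=[[:space:]]*\([^[:space:]#;]*\).*/\1/p' \
        "$conf" | tail -n 1)
    case "$(printf '%s' "$value" | tr 'A-Z' 'a-z')" in
        false) echo "relaxed" ;;
        *)     echo "enforced" ;;
    esac
}

# Read `bluetoothctl show` text on stdin and print "yes"/"no" for the
# Discoverable line (empty output if the line is absent).
discoverable_from_show_output() {
    awk '$1 == "Discoverable:" { print $2; exit }'
}

# Demonstration on constructed files: the hardened post-fix config next to
# the relaxed one the post describes for legacy controllers.
demo() {
    tmp=$(mktemp -d)
    cat > "$tmp/hardened.conf" <<'EOF'
[General]
# Post-fix default: only bonded classic HID devices may connect.
#ClassicBondedOnly=true
EOF
    cat > "$tmp/legacy.conf" <<'EOF'
[General]
# Relaxed to allow legacy devices (e.g. a PS3 controller); re-enables the
# unauthenticated-HID risk the post describes while Bluetooth is discoverable.
ClassicBondedOnly=false
EOF
    for name in hardened legacy; do
        printf 'input.conf (%s): %s\n' "$name" \
            "$(classic_bonded_only_state "$tmp/$name.conf")"
    done
    # Constructed sample of `bluetoothctl show` output.
    printf 'Controller AA:BB:CC:DD:EE:FF (public)\n\tName: laptop\n\tPowered: yes\n\tDiscoverable: no\n' \
        | discoverable_from_show_output | sed 's/^/controller discoverable (sample): /'
    rm -rf "$tmp"
}

# Audit the running host: the real config path from the post, plus the live
# controller state when bluetoothctl is available.
live_check() {
    printf 'input.conf: %s\n' "$(classic_bonded_only_state /etc/bluetooth/input.conf)"
    if command -v bluetoothctl >/dev/null 2>&1; then
        printf 'controller discoverable: %s\n' \
            "$(bluetoothctl show 2>/dev/null | discoverable_from_show_output)"
    fi
}

demo
# Run live_check on a real host to audit /etc/bluetooth/input.conf and the
# controller's discoverable flag after a `systemctl restart bluetooth`.
```

If the audit reports "relaxed", the host has opted back into legacy device support as the post describes, and keeping the controller non-discoverable when no pairing is in progress is the remaining control against an unauthenticated HID connection.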