vulnerability

Debian: CVE-2018-10910: bluez -- security update

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

Jan 28, 2019

Added

Jul 30, 2024

Modified

Mar 30, 2026

Description

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.

Solution

debian-upgrade-bluez

References

CVE-2018-10910
https://attackerkb.com/topics/CVE-2018-10910
CWE-863
EUVD-EUVD-2018-2966
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-2966

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report