Author Topic: BlueFrag patch? (Read 3157 times)

adfh · « **on:** February 13, 2020, 06:39:36 am »

“BlueFrag” (CVE-2020-0022) is a bug with Android’s l2cap implementation. It affects all Android 8 and 9 devices with Bluetooth enabled, allowing for remote crashing and arbitrary code execution. It’s been assigned a Critical severity in the February Android Security Bulletin (A-143894715).

https://www.engadget.com/2020/02/09/android...-security-flaw/
https://insinuator.net/2020/02/critical-blu...-cve-2020-0022/
https://source.android.com/security/bulletin/2020-02-01.html

It looks that unlike a lot of other bugs that seem to be chipset specific, the issue lies with an Android component, so the Cosmo is likely affected. Has anyone heard if there's going to be a patch for this? Otherwise.. I reckon a good idea to turn off bluetooth in crowded areas unless you need it.

adfh · « **Reply #1 on:** March 26, 2020, 08:57:38 pm »

Does anyone know if the latest patch includes fix for Bluefrag? It doesn't seem to, based upon the Android patch level date of 5-Jan.

Isurus65 · « **Reply #2 on:** March 31, 2020, 02:44:08 am »

Quote from: adfh

Does anyone know if the latest patch includes fix for Bluefrag? It doesn't seem to, based upon the Android patch level date of 5-Jan.

Just updated to V21. Android Security Update of 5 July 2019.

Zarhan · « **Reply #3 on:** March 31, 2020, 02:46:17 am »

Quote from: Isurus65

Just updated to V21. Android Security Update of 5 July 2019.

Ok, this is a case of even larger WTF. They rolled *back* the security level? V20 had Jan 2020, now we are back in July 2019?

News:

Author Topic: BlueFrag patch? (Read 3157 times)