Headline
CVE-2021-3658: Device is still discoverable even when gnome bluetooth settings panel is not open (CVE-2021-3658) (#89) · Issues · GNOME / gnome-bluetooth
bluetoothd from bluez incorrectly saves adapters’ Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to physically nearby attackers.
Arch Linux
Gnome: version 40.2.0
Bluez: version 5.59
Kernel: Linux version 5.12.10-arch1-1
I seem to have the exact issue mentioned here #3 (closed) I have bluetooth devices connected but after I close Gnome settings or leave the bluetooth part of settings I would expect the computer to be not discoverable by other devices. However I’ve noticed I can see my laptop and the name I set for it when I open bluetooth scanning on other devices like my Android phone. If there is a fix it’s not working and if there is some sort of file configuration I need to set I don’t know what that would be.
Does anyone here know what would be going on here? And what logs should I even take for this if I need to?
Edited Jul 27, 2021 by