The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html cve-icon cve-icon
http://seclists.org/fulldisclosure/2019/Aug/11 cve-icon cve-icon
http://seclists.org/fulldisclosure/2019/Aug/13 cve-icon cve-icon
http://seclists.org/fulldisclosure/2019/Aug/14 cve-icon cve-icon
http://seclists.org/fulldisclosure/2019/Aug/15 cve-icon cve-icon
http://www.cs.ox.ac.uk/publications/publication12404-abstract.html cve-icon cve-icon
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2975 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3055 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3076 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3089 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3165 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3187 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3217 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3218 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3220 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3231 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3309 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3517 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2020:0204 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2019-9506 cve-icon
https://usn.ubuntu.com/4115-1/ cve-icon cve-icon
https://usn.ubuntu.com/4118-1/ cve-icon cve-icon
https://usn.ubuntu.com/4147-1/ cve-icon cve-icon
https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2019-9506 cve-icon
https://www.kb.cert.org/vuls/id/918987/ cve-icon cve-icon
https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2019-08-14T16:27:45.059869Z

Updated: 2024-09-16T19:14:13.573Z

Reserved: 2019-03-01T00:00:00

Link: CVE-2019-9506

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2019-08-14T17:15:11.597

Modified: 2021-11-04T15:58:19.197

Link: CVE-2019-9506

cve-icon Redhat

Severity : Important

Publid Date: 2019-08-10T09:00:00Z

Links: CVE-2019-9506 - Bugzilla