From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Message-ID: <7a0f70a33f68c7a654e9d0d00ea9c9569fda5d7f.camel@hadess.net> Subject: Re: Fixing potential unwanted pairings From: Bastien Nocera To: linux-bluetooth@vger.kernel.org Date: Tue, 24 Jul 2018 13:01:04 +0200 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Sender: linux-bluetooth-owner@vger.kernel.org List-ID: On Fri, 2018-07-20 at 13:23 +0200, Bastien Nocera wrote: > > This means that a combination of a hard-to-use API for > Discoverable[3], > and the kernel's default policy, will allow devices such as iPhones > to > pair without any interaction on the computer/BlueZ side. This particular problem has been assigned a CVE: CVE-2018-10910 Would be great if I could have some feedback on this.