Motorola Community

Moto G PhonesMoto G5 / Moto G5 Plus
All Forum Topics
Options

0 Posts

02-08-2020

US

0 Signins

0 Page Views

  • Posts: 0
  • Registered: ‎02-08-2020
  • Location: US
  • Views: 0
  • Message 1 of 2

Critical Android Bluetooth Flaw

2020-02-08, 17:31 PM

I would like to know if this Critical Android Bluetooth Flaw (CVE-2020-0022) is going to be addressed for the Moto G5 Plus since it is running Android Oreo 8.1?  The bug is considered critical on Android Oreo (8.0 and 8.1) and Pie (9) because exploiting it leads to code execution.  Thank you in advance for your support.

Please see attached link.

 

https://www.bleepingcomputer.com/news/security/critical-android-bluetooth-flaw-exploitable-without-user-interaction/

Reply
Options

0 Posts

02-08-2020

US

0 Signins

0 Page Views

  • Posts: 0
  • Registered: ‎02-08-2020
  • Location: US
  • Views: 0
  • Message 2 of 2

Re: Critical Android Bluetooth Flaw

2020-02-08, 18:10 PM

I also have this question - the bluetooth vulnerability is caused by a single line of errant code in 

hci/src/packet_fragmenter.cc

and was fixed in commit https://android.googlesource.com/platform/system/bt/+/3cb7149d8fed2d7d77ceaa95bf845224c4db3baf%5E%21/#F0

Because my phone is currently vulnerable, for safety I have to leave bluetooth permanently disabled on my phone, which otherwise works perfectly fine, in order to avoid getting the phone infected by a flaw which is potentially wormable.  I am seriously considering switching to an Android One phone if no fix is available, which would have at least guaranteed me a security update.  And it is unfortunate that there appear to be no Android One Moto phones sold in the US.  I hope I'm mistaken on that point. 

Reply
Forum Home

Community Guidelines

Please review our Guidelines before posting.

Learn More

Check out current deals!

Go Shop
X

Save