CVE-2020-10370
Publication date 11 November 2024
Last updated 13 November 2024
Ubuntu priority
Certain Cypress (and Broadcom) Wireless Combo chips such as CYW43455, when a 2021-01-26 Bluetooth firmware update is not present, allow a Bluetooth outage via a "Spectra" attack.
Status
Package | Ubuntu Release | Status |
---|---|---|
bluez-firmware | 24.10 oracular |
Not affected
|
24.04 LTS noble |
Not affected
|
|
22.04 LTS jammy |
Not affected
|
|
16.04 LTS xenial | Ignored end of standard support | |
14.04 LTS trusty | Ignored end of standard support | |
linux-firmware-raspi2 | 24.10 oracular | Not in release |
24.04 LTS noble | Not in release | |
22.04 LTS jammy | Not in release | |
20.04 LTS focal |
Vulnerable
|
|
18.04 LTS bionic |
Vulnerable
|
|
16.04 LTS xenial | Ignored end of standard support | |
14.04 LTS trusty | Ignored end of standard support |
Notes
mdeslaur
This was fixed in the rpi firmware release 1.2-4+rpt8 included in the 4-0ubuntu1 Ubuntu package. This is fixed in 6-0ubuntu0~20.04.1 in focal-updates, and 4-0ubuntu0~18.04.1 in bionic-updates, but are not in the -security pocket. The affected firmware files don't appear to be in the bluez-firmware package at all.
Patch details
Package | Patch details |
---|---|
linux-firmware-raspi2 |