2ba4 Article 210408 Bleeding Tooth Body Text

Google security researcher Andy Nguyen has disclosed long-awaited details of zero-click vulnerabilities in the Linux Bluetooth subsystem that allow nearby, unauthenticated attackers “to execute arbitrary code with kernel privileges on vulnerable devices”. Nguyen claims that his findings ultimately led to a safer, more stable kernel.

Dubbed ‘BleedingTooth’, the trio of security flaws were found in BlueZ, the open source, official Linux Bluetooth protocol stack found on Linux-based laptops and IoT devices.

Google security engineer Andy Nguyen dropped a technical write-up on Twitter on April 6 that exhaustively recounts how he discovered and chained the bugs to achieve remote code execution (RCE) on a Dell laptop running Ubuntu 20.04.1 without ‘victim’ interaction.