Just something to be aware of. Not sure if this affects the curerent PI
Linux
BleedingTooth: Google drops full details of zero-click Linux Bluetooth bug
chain leading to RCE
A security researcher at Google has disclosed long-awaited details of
zero-click vulnerabilities in the Linux Bluetooth subsystem that allow
nearby, unauthenticated attackers "to execute arbitrary code with kernel
privileges on vulnerable devices". Dubbed 'BleedingTooth', the trio of
security flaws were found in BlueZ, the open source, official Linux
Bluetooth protocol stack found on Linux-based laptops and IoT devices.
Google security engineer Andy Nguyen dropped a technical write-up on Twitter
on April 6 that exhaustively recounts how he discovered and chained the bugs
to achieve remote code execution (RCE) on a Dell laptop running Ubuntu
20.04.1 without 'victim' interaction - as demonstrated in the video below
===========================================================
The raspberry-vi mailing list
Archives: //www.freelists.org/archives/raspberry-vi
Administrative contact: <mike.ray@xxxxxxxxxxxxxx>
-----------------------------------------------------------
Raspberry Pi and the Raspberry Pi logo are trademarks of the Raspberry Pi
Foundation.
This list is not affiliated to the Raspberry Pi Foundation and the views and
attitudes expressed by the subscribers to this list do not reflect those of the
Foundation.
Mike Ray, list creator, January 2013
