Android Open Source Project

Notified:  January 18, 2018 Updated: July 25, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Patches were included in the June 2018 Android security update. For more information, see the Android security bulletin.

Vendor References

Apple

Notified:  January 18, 2018 Updated: July 25, 2018

Statement Date:   July 23, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

A security updated was provided for macOS and iOS on July 9th, 2018, as part of the regular security update. See the Apple security updates, macOS release notes and iOS release notes for further details.

Vendor References

Bluetooth SIG

Notified:  February 06, 2018 Updated: February 06, 2018

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor References

    Broadcom

    Notified:  January 18, 2018 Updated: June 19, 2018

    Statement Date:   June 15, 2018

    Status

      Affected

    Vendor Statement

    Some Broadcom products supporting Bluetooth 2.1 or newer technology may be affected by some of the issues reported in VU#304725. We have made relevant fixes available to our OEM customers, who may release them in their software updates to end-users.​

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Cypress Semiconductor

    Updated:  August 17, 2018

    Statement Date:   August 17, 2018

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    Cypress has provided updates to OEM vendors for some Bluetooth devices. Please contact your device's OEM vendor to obtain any available updates.

    Dell

    Updated:  July 30, 2018

    Statement Date:   July 25, 2018

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    Dell is affected, please see the Dell advisory for more information.

    Vendor References

    Dell EMC

    Updated:  July 30, 2018

    Statement Date:   July 25, 2018

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Google

    Notified:  March 19, 2018 Updated: July 25, 2018

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    Patches are available as part of the June 2018 Android security update. See Android security bulletin for Google devices for more information.

    Vendor References

    Intel

    Notified:  January 18, 2018 Updated: July 23, 2018

    Statement Date:   July 23, 2018

    Status

      Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    Please see Intel security advisory SA-00128 for more information.

    Vendor References

    Linux Kernel

    Notified:  March 05, 2018 Updated: March 05, 2018

    Status

      Unknown

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor References

      Microsoft

      Notified:  February 06, 2018 Updated: July 20, 2018

      Statement Date:   July 20, 2018

      Status

        Not Affected

      Vendor Statement

      The vulnerability does not affect Microsoft Windows.

      Vendor Information

      We are not aware of further vendor information regarding this vulnerability.

      QUALCOMM Incorporated

      Notified:  January 18, 2018 Updated: July 25, 2018

      Statement Date:   July 24, 2018

      Status

        Affected

      Vendor Statement

      Qualcomm is aware of the recently published security research on Bluetooth pairing protocols, and we are actively deploying mitigations to our customers. Providing technologies that support robust security and privacy is a priority for Qualcomm, and we encourage end users to update their devices when patches become available.

      Vendor Information

      We are not aware of further vendor information regarding this vulnerability.

      RSA Security LLC

      Updated:  July 25, 2018

      Statement Date:   July 25, 2018

      Status

        Not Affected

      Vendor Statement

      No statement is currently available from the vendor regarding this vulnerability.

      Vendor Information

      RSA BSAFE® Crypto-C ME and Crypto-J are NOT affected.

      View all 13 vendors View less vendors