#bluez — Public Fediverse posts

New upstream BlueZ documentation helps simplify Bluetooth qualification for Linux-based products by mapping supported profiles, test requirements, software versions, and manual steps in one place.

https://col.la/bluezdoc

#BlueZ #BlueTooth #Linux #OpenSource

New upstream BlueZ documentation helps simplify Bluetooth qualification for Linux-based products by mapping supported profiles, test requirements, software versions, and manual steps in one place.

https://col.la/bluezdoc

#BlueZ #BlueTooth #Linux #OpenSource

New upstream BlueZ documentation helps simplify Bluetooth qualification for Linux-based products by mapping supported profiles, test requirements, software versions, and manual steps in one place.

https://col.la/bluezdoc

#BlueZ #BlueTooth #Linux #OpenSource

New upstream BlueZ documentation helps simplify Bluetooth qualification for Linux-based products by mapping supported profiles, test requirements, software versions, and manual steps in one place.

https://col.la/bluezdoc

#BlueZ #BlueTooth #Linux #OpenSource

New upstream BlueZ documentation helps simplify Bluetooth qualification for Linux-based products by mapping supported profiles, test requirements, software versions, and manual steps in one place.

https://col.la/bluezdoc

#BlueZ #BlueTooth #Linux #OpenSource

Collabora brought Bluetooth Auracast broadcasting to MediaTek Genio 700 for Embedded World 2026. Here's the complete, fully Open Source setup featuring Debian, BlueZ, PipeWire, with all the code and configs from our live booth demo.

https://col.la/bluezauracast

@pipewire #Debian #BlueZ #MediaTek #Genio #OpenSource #BlueTooth

@pandolin

Ehrlich gesagt gibt es viel wichtigere Baustellen, die auch für Otto-Normal-User:in erheblich sichtbarer sind, in denen man mal mit dem großen Rust-Mop drüberwischen müsste.

Der ganze #Bluetooh-Stack von Linux #BlueZ stinkt zum Himmel. Ich hatte letztens den Fall, dass alleine das Auftauchen meines Smartphones als neues Gerät dazu führte, dass sich alle Prozesse die direkt mit Bluetooh-Audio interagieren (libspa-bluez) mit Anlauf auf die Segfault-Fresse gelegt haben. Toll…! (nicht)

@pandolin

Ehrlich gesagt gibt es viel wichtigere Baustellen, die auch für Otto-Normal-User:in erheblich sichtbarer sind, in denen man mal mit dem großen Rust-Mop drüberwischen müsste.

Der ganze #Bluetooh-Stack von Linux #BlueZ stinkt zum Himmel. Ich hatte letztens den Fall, dass alleine das Auftauchen meines Smartphones als neues Gerät dazu führte, dass sich alle Prozesse die direkt mit Bluetooh-Audio interagieren (libspa-bluez) mit Anlauf auf die Segfault-Fresse gelegt haben. Toll…! (nicht)

@pandolin

Ehrlich gesagt gibt es viel wichtigere Baustellen, die auch für Otto-Normal-User:in erheblich sichtbarer sind, in denen man mal mit dem großen Rust-Mop drüberwischen müsste.

Der ganze #Bluetooh-Stack von Linux #BlueZ stinkt zum Himmel. Ich hatte letztens den Fall, dass alleine das Auftauchen meines Smartphones als neues Gerät dazu führte, dass sich alle Prozesse die direkt mit Bluetooh-Audio interagieren (libspa-bluez) mit Anlauf auf die Segfault-Fresse gelegt haben. Toll…! (nicht)

@pandolin

Ehrlich gesagt gibt es viel wichtigere Baustellen, die auch für Otto-Normal-User:in erheblich sichtbarer sind, in denen man mal mit dem großen Rust-Mop drüberwischen müsste.

Der ganze #Bluetooh-Stack von Linux #BlueZ stinkt zum Himmel. Ich hatte letztens den Fall, dass alleine das Auftauchen meines Smartphones als neues Gerät dazu führte, dass sich alle Prozesse die direkt mit Bluetooh-Audio interagieren (libspa-bluez) mit Anlauf auf die Segfault-Fresse gelegt haben. Toll…! (nicht)

@pandolin

Ehrlich gesagt gibt es viel wichtigere Baustellen, die auch für Otto-Normal-User:in erheblich sichtbarer sind, in denen man mal mit dem großen Rust-Mop drüberwischen müsste.

Der ganze #Bluetooh-Stack von Linux #BlueZ stinkt zum Himmel. Ich hatte letztens den Fall, dass alleine das Auftauchen meines Smartphones als neues Gerät dazu führte, dass sich alle Prozesse die direkt mit Bluetooh-Audio interagieren (libspa-bluez) mit Anlauf auf die Segfault-Fresse gelegt haben. Toll…! (nicht)

#Linux #Bluetooth #bluez ist doch auch nur so ein vibe-programmiertes Fäkalprodukt (und das schon lange bevor es degenerative code LLMs gab)

segfault at … in libspa-bluez5.so

Ratet mal was ich getan habe damit das passiert…? (Auflösung im Alt-Text in dem der Screenshot erklärt wird).

Wenn es etwas verdient hätte in #Rust neu geschrieben zu werden, dann wäre es der Bluetooth-Stack. Das ist alles so kaputt, da gibt es keine Bedenken irgendwelche Kompatibilitäten zu brechen.

@MissVerstaendlich #FediLZ #BlueZ

Ein Beispiel aus meiner schulischen Praxis:

Seit der Einführung des digitalen Tagebuchs muss ich als Lehrkraft (ohne digitales Endgerät) in jeder Unterrichtsstunde ins Tagebuch eintragen. Also trage ich die Anwesenheit der SuS und den Lehrstoff auf meinem privaten Handy in die Untis-App ein.

Finde ich sehr unglücklich (Stichwort: Vorbildfunktion)…

Vorher konnte ich mein Handy während des Schultags einfach im Schrank bei meinen Fahrradklamotten aufbewahren…

Broadcast audio, open standards, infinite possibilities 📡

Auracast brings one-to-many Bluetooth audio (no pairing required), and it's now fully supported in BlueZ! Ideal for public announcements, assisted listening, and multi-user audio experiences, come hear it for yourself at Booth #4-404, running on the MediaTek Genio 700!

#Auracast #Bluetooth #BlueZ #MediaTek #AudioTech #ew26 #OpenSource

Broadcast audio, open standards, infinite possibilities 📡

Auracast brings one-to-many Bluetooth audio (no pairing required), and it's now fully supported in BlueZ! Ideal for public announcements, assisted listening, and multi-user audio experiences, come hear it for yourself at Booth #4-404, running on the MediaTek Genio 700!

#Auracast #Bluetooth #BlueZ #MediaTek #AudioTech #ew26 #OpenSource

Broadcast audio, open standards, infinite possibilities 📡

Auracast brings one-to-many Bluetooth audio (no pairing required), and it's now fully supported in BlueZ! Ideal for public announcements, assisted listening, and multi-user audio experiences, come hear it for yourself at Booth #4-404, running on the MediaTek Genio 700!

#Auracast #Bluetooth #BlueZ #MediaTek #AudioTech #ew26 #OpenSource

Broadcast audio, open standards, infinite possibilities 📡

Auracast brings one-to-many Bluetooth audio (no pairing required), and it's now fully supported in BlueZ! Ideal for public announcements, assisted listening, and multi-user audio experiences, come hear it for yourself at Booth #4-404, running on the MediaTek Genio 700!

#Auracast #Bluetooth #BlueZ #MediaTek #AudioTech #ew26 #OpenSource

Broadcast audio, open standards, infinite possibilities 📡

Auracast brings one-to-many Bluetooth audio (no pairing required), and it's now fully supported in BlueZ! Ideal for public announcements, assisted listening, and multi-user audio experiences, come hear it for yourself at Booth #4-404, running on the MediaTek Genio 700!

#Auracast #Bluetooth #BlueZ #MediaTek #AudioTech #ew26 #OpenSource

#bluez #Spielräume #Bildung #KI #notenade #System #Gesellschaft Interessant, das auch auf Bildung zu beziehen: www.ardmediathek.de/video/wir-im... @[email protected] @[email protected]

Wir im Saarland - Kultur: Hart...

ICYMI, my talk from August on implementing #Bluetooth #LEAudio & #Auracast on #Linux is available on YouTube! 🎧

Highlights:
🔊 Why LE Audio is a game changer: lower latency, better power efficiency, broadcast audio support, coordinated earbuds, hearing aids and more
🐧 Practical Linux implementation details: device requirements, kernel, #BlueZ and #PipeWire configuration
🎯 Current challenges and roadmap

Watch here: https://youtu.be/WQm_JLhUsqM 👀

Found why the #Bluetooth behavior in #GNOME was so confusing to me over the years: while my computer (and the gnome-bluetooth backend) supports connecting & pairing multiple devices at once, it turns out that #BlueZ sometimes reports some devices as disconnected when reactivating Bluetooth… so I end up accidentally disconnecting a device when I think it is not already connected :blobpats:

…as discovered in https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/8692, it turns out to be a BlueZ issue… but BlueZ has no bug tracker 🫠

🛫 I’ll be at #OSSummit Europe next week, from August 25th to 27th, in Amsterdam. Will you?

👨‍🏫 I will be presenting "Implementing #Bluetooth LE Audio & #Auracast on embedded #Linux systems" on Tuesday the 26th, in the Embedded Linux Conference track. Join me to discover practical insights into implementing these technologies using the fully open source #BlueZ and #PipeWire software stack.

🔗 Link to talk: https://sched.co/25Vs2
📆 Full schedule: https://bit.ly/3NXx5Zp

Just in case others have problems connecting their JBL Charge 6 or Flip 7 bluetooth speaker to their computer, failing with "SET_CONFIGURATION request rejected: Unknown error (216)" – Today I learned that this is fixed with >=media-video/pipewire-1.4.7:

https://discussion.fedoraproject.org/t/jbl-flip-7-a2dp-connection-failure-on-fedora-42-bluez-pipewire/155958/8
https://gitlab.freedesktop.org/pipewire/pipewire/-/merge_requests/2451

I added it to my /etc/portage/package.accept.keywords and now the speaker works like a charm. Nice! 🙂

#Gentoo #Bluetooth #pipewire #bluez #Linux #a2dp

"🚨 Major Bluetooth Flaw in BlueZ: Keystroke Injection Risk! 🚨"

A Bluetooth vulnerability, CVE-2023-45866, has been uncovered, posing a significant threat to various devices. Discovered by Marc Newlin, this flaw in BlueZ allows unauthenticated devices to inject HID events, leading to potential keystroke injections and arbitrary command executions on affected devices. Particularly alarming, this vulnerability affects a wide range of operating systems including Android, Linux, macOS, and iOS, even those in Lockdown Mode.

Key details include:

• BlueZ not properly restricting non-bonded devices from injecting HID events into the input subsystem.
• Potential for an unauthenticated Peripheral role HID Device to establish an encrypted connection without user interaction, injecting HID messages.
• CVE-2023-45866 carries a critical severity rating with a CVSS base score of 9.8, indicating a high level of threat.

Marc Newlin's analysis highlights that this attack exploits an unauthenticated pairing mechanism within the Bluetooth specification, allowing fake keyboards to connect to target devices.

Stay vigilant and update your devices! 🛡️📱💻

Tags: #CyberSecurity #BluetoothVulnerability #BlueZ #CVE202345866 #KeystrokeInjection #DeviceSecurity #MarcNewlin #ThreatAlert

Sources:

• NVD: CVE-2023-45866
• Tenable: CVE-2023-45866 Details
• Hackread Article by Waqas: Bluetooth Vulnerability Report

🥁 Exciting news, once again! I have just registered as a speaker for the Open Source Summit Europe, which is taking place in Amsterdam on the 25th - 27th of August!

🗣️ This time I will be speaking about how Bluetooth LE Audio & Auracast functionality can be implemented on embedded Linux devices using open source software: BlueZ and PipeWire. Don't miss it!

🔗 https://sched.co/25Vs2

#OSSummit #ELCE #Linux #Bluetooth #LEAudio #BLE #Auracast #OpenSource #BlueZ #PipeWire #TechTalk

I finally made bluez-alsa to work!

pcm.bluetooth {
    type plug
    slave.pcm {
        type bluealsa
        device "00:00:00:00:00:00"
        profile "a2dp"
    }
    hint {
        show on
        description "Bluetooth via bluez-alsa (A2DP)"
    }
}

ctl.bluetooth {
    type bluealsa
}

pcm.PCH {
    type plug
    slave.pcm {
        type hw
        card 0
        device 0
    }
}

ctl.PCH {
    type hw
    card 0
}

pcm.!default {
    type plug
    slave.pcm "bluetooth"
}

ctl.!default {
    type bluealsa
}

Coming up this afternoon at Embedded Recipes, George Kiagiadakis presents "PipeWire and Bluetooth: the road to LE Audio". Watch live at 1:30 PM CEST! https://www.youtube.com/watch?v=U5L8XHkP-lI #Bluetooth #LEAudio #BlueZ #OpenSource @embeddedrecipes @pipewire

🗓️ The Embedded Recipes 2025 schedule is now live!

⭐ I’m excited to be among the speakers this year, giving a talk titled “PipeWire and Bluetooth: the road to LE Audio.” I’ll be sharing some background on Bluetooth audio, diving into the new LE Audio standard, and discussing developments in PipeWire’s Bluetooth integration — the leading Bluetooth audio implementation on Linux!

🔗 https://embedded-recipes.org/2025/schedule/

#er2025 #Linux #PipeWire #BlueZ #Bluetooth #LEAudio #BLE #OpenSource #TechTalk

📢 Exciting news! I’m thrilled to be speaking at Embedded Recipes 2025, which is taking place in Nice from May 14th to 16th! The first speakers have just been announced, and I’m honored to be among them!

🎤 I will be delivering a lightning talk on PipeWire's support for Bluetooth audio features, where I will cover recent developments, its current status and what lies ahead.

🔗 More details: https://embedded-recipes.org/2025/speakers/

#er2025 #Linux #PipeWire #BlueZ #Bluetooth #LEAudio #BLE #OpenSource #TechTalk

💡 Did you know that #PipeWire implements #Bluetooth #LEAudio on top of #BlueZ and #Linux? 🎧 🎵

While there are still rough edges, PipeWire today supports BAP, VCP, device sets, and even #Auracast broadcasting!

❓ Have you tried LE Audio yet?

🔗 https://gitlab.freedesktop.org/pipewire/pipewire/-/wikis/LE-Audio-+-LC3-support

#OpenSource #BLE

Ubuntu 24.04 Fixes Bluetooth Audio Connection Issues

If you’re an Ubuntu 24.04 LTS user regularly experiencing issues with connecting to audio devices, there’s an important update to the Bluetooth stack rolling out this week. Many users of Ubuntu 24.04 LTS have found paired Bluetooth audio devices (mainly earbuds/phones) fail to connect following suspend or system restart, be it automatically or manually. According to a slew of bug reports, many noble users found trying to manually connect to a previously-paired devices after a restart or suspend would fail — for some, up to 30 attempts would fail to connect or stay connections, requiring the need to remove and :sys_more_orange:
#News #Bluetooth #Bluez #BugFixes #Ubuntu24_04Lts

:sys_omgubuntu: https://www.omgubuntu.co.uk/2025/03/ubuntu-2404-bluetooth-connect-fix

🎥 The video of my recent talk at #FOSDEM 2025, titled "Adopting BlueZ in Production: Challenges and Caveats", is now available online!

🗣️ In this talk, I discussed our team's recent adventure of integrating #BlueZ as the #Bluetooth stack of an #automotive IVI system, switching from a closed-source alternative, sharing the challenges that we faced and the contributions that we made back to the BlueZ and #PipeWire projects.

🔗 https://buff.ly/4hzFD7Z

Coming up tomorrow on Day 1 at #FOSDEM in Brussels: A look at the bring up of #BlueZ as the #Bluetooth stack of a real-world #automotive in-vehicle infotainment system! Join us at 13:30 CEST in room H.1302! https://fosdem.org/2025/schedule/event/fosdem-2025-6203-adopting-bluez-in-production-challenges-and-caveats/ #IVI #PipeWire #OpenSource #Embedded @pipewire

Excited to attend FOSDEM 2025 this weekend in Brussels! 🎉 I’ll be presenting “Adopting BlueZ in Production: Challenges and Caveats,” sharing insights from integrating BlueZ into a real-world automotive system. 🚙

Curious about adopting an open-source Bluetooth solution over proprietary ones in production? Join me at the Embedded, Mobile, and Automotive devroom at 13:30 local time! 🗣️

📌 https://fosdem.org/2025/schedule/event/fosdem-2025-6203-adopting-bluez-in-production-challenges-and-caveats/

Looking forward to meet you all! 👋

#FOSDEM #BlueZ #PipeWire #Bluetooth #Linux

Just over a week to go before #FOSDEM 2025 kicks off in Brussels! Join us for talks on #BlueZ, #GStreamer, Open Source AI, and more! https://col.la/fsdm25 #OpenSource

Okay, what. I finally got a Bluetooth dongle that works with #linux (a TPLink UB400), and straight away, out of the box, I can:
Connect to bluetooth headphones and listen to music.
Connect my phone, and.. get music from the phone playing on the computer? With no configuration?
I. am. in. awe. - all my devices are working together! 😮😮
For reasons, today's #libremonday shoutout goes to #pipewire (again 🥲) and #bluez. Thanks to everyone who made Bluetooth work this well! 🎉 🎉

Do I happen to know any #BlueZ developers? So far I didn't get any reply to a build bug I reported almost 2 weeks ago. https://lore.kernel.org/linux-bluetooth/[email protected]/T/
General arguments whether building HID/HOG components without each other makes sense might be useful, too, I don't really have experience with BT input devices.

#linux #bluetooth #bluez

I can list UUID strings via blueman-manager.

But how can I select / force one of the Audia profiles in a script via bluetoothctl

@Juankprada

As always, which distribution and which version of #BlueZ (the Bluetooth Linux stack). There will be a big difference in user experience between a #Fedora that provides bluez 5.79 released last month and a #Debian stable that still offers version 5.66 released two years ago...

https://github.com/bluez/bluez/releases

TIL:

@linuxmint now uses #pipewire. If you want to work with #bluez and use #blueman as frontend, it will be reverted to #pulseaudio .

3 years ago, the blueman guys closed the pipewire support issue. Reason: We don't need that. Pulseaudio works and is well spread.

Does anybody know a good bluetooth frontend playing well with pipewire and cinnamon on #linux?

#followerpower #boostswelcome #askfedi #fedihelp

Linux Mint is Making a Major Bluetooth Change

A better Bluetooth experience is likely to feature in the next major release of Linux Mint. Current versions of the Linux distro ship with Blueberry (which uses the gnome-bluetooth backend). This is used to handle connections to Bluetooth devices like headphones, headsets, games controllers, smartphones, etc, and integrate these devices within the Cinnamon desktop. But Linux Mint 21, due for release later this year, is likely to use Blueman and the bluez backend. Why the change? Well, the short answer is that Blueman works better. Testing within Mint reveals it successfully connects to a wider range of devices, audio equipment :sys_more_orange:
#Dev #News #Blueman #Bluetooth #Bluez #LinuxMint #LinuxMint21

:sys_omgubuntu: https://www.omgubuntu.co.uk/2022/03/linux-mint-is-making-a-major-bluetooth-change

#TechHelpNeeded

Can someone tell me why my #Logitech #M650 #Bluetooth #Mouse refuses to connect after rebooting my #Linux laptop?

I'll leave the #BTmon log here from me clicking the mouse once as it tries to connect to my laptop but fails authentication with my laptop for some reason (even tho is trusted and unblocked an paired):
https://0x0.st/Xa7m.log
(color terminal output)

#AX200 #BlueZ #Logi

#Bluez (#bluetooth) on #Linux has been kinda ass lately. Previously it went through regressions which caused some game controllers to no longer work on BT such as #DualShock4 and #DualSense when they were perfectly fine before. Just upgraded to 5.71 and now my Bose QC45 stopped working on BT too.

Update: Solved by forgetting and repairing the device, which still isn't ideal but glad that worked. Will need to test if the issue reoccurs upon next boot, otherwise I probably will either use Timeshift to go back, or simply downgrade all the bluez packages.

Another update: At least the update seems to actually have fixed the DualSense issue so that's nice! Haven't tested, but I expect connection issues with DS4 should be fixed too.

This weekend I was doing some simple tinkering with #raspberrypi and trying to get a #wiimote to connect to it via #bluetooth. Hoping to have a blog post out about it later today, but in the process I learned that there aren't very great command-line tools to auto-reconnect bluetooth devices after power-on using #BlueZ on #Linux. So, I hacked together the following simple script and #systemd service configuration to hopefully make it easier for anyone trying to do the same:

• bluetooth-trusted-monitor

"🚨 Major Bluetooth Flaw in BlueZ: Keystroke Injection Risk! 🚨"

A Bluetooth vulnerability, CVE-2023-45866, has been uncovered, posing a significant threat to various devices. Discovered by Marc Newlin, this flaw in BlueZ allows unauthenticated devices to inject HID events, leading to potential keystroke injections and arbitrary command executions on affected devices. Particularly alarming, this vulnerability affects a wide range of operating systems including Android, Linux, macOS, and iOS, even those in Lockdown Mode.

Key details include:

• BlueZ not properly restricting non-bonded devices from injecting HID events into the input subsystem.
• Potential for an unauthenticated Peripheral role HID Device to establish an encrypted connection without user interaction, injecting HID messages.
• CVE-2023-45866 carries a critical severity rating with a CVSS base score of 9.8, indicating a high level of threat.

Marc Newlin's analysis highlights that this attack exploits an unauthenticated pairing mechanism within the Bluetooth specification, allowing fake keyboards to connect to target devices.

Stay vigilant and update your devices! 🛡️📱💻

Tags: #CyberSecurity #BluetoothVulnerability #BlueZ #CVE202345866 #KeystrokeInjection #DeviceSecurity #MarcNewlin #ThreatAlert

Sources:

• NVD: CVE-2023-45866
• Tenable: CVE-2023-45866 Details
• Hackread Article by Waqas: Bluetooth Vulnerability Report

"🚨 Major Bluetooth Flaw in BlueZ: Keystroke Injection Risk! 🚨"

A Bluetooth vulnerability, CVE-2023-45866, has been uncovered, posing a significant threat to various devices. Discovered by Marc Newlin, this flaw in BlueZ allows unauthenticated devices to inject HID events, leading to potential keystroke injections and arbitrary command executions on affected devices. Particularly alarming, this vulnerability affects a wide range of operating systems including Android, Linux, macOS, and iOS, even those in Lockdown Mode.

Key details include:

• BlueZ not properly restricting non-bonded devices from injecting HID events into the input subsystem.
• Potential for an unauthenticated Peripheral role HID Device to establish an encrypted connection without user interaction, injecting HID messages.
• CVE-2023-45866 carries a critical severity rating with a CVSS base score of 9.8, indicating a high level of threat.

Marc Newlin's analysis highlights that this attack exploits an unauthenticated pairing mechanism within the Bluetooth specification, allowing fake keyboards to connect to target devices.

Stay vigilant and update your devices! 🛡️📱💻

Tags: #CyberSecurity #BluetoothVulnerability #BlueZ #CVE202345866 #KeystrokeInjection #DeviceSecurity #MarcNewlin #ThreatAlert

Sources:

• NVD: CVE-2023-45866
• Tenable: CVE-2023-45866 Details
• Hackread Article by Waqas: Bluetooth Vulnerability Report

"🚨 Major Bluetooth Flaw in BlueZ: Keystroke Injection Risk! 🚨"

A Bluetooth vulnerability, CVE-2023-45866, has been uncovered, posing a significant threat to various devices. Discovered by Marc Newlin, this flaw in BlueZ allows unauthenticated devices to inject HID events, leading to potential keystroke injections and arbitrary command executions on affected devices. Particularly alarming, this vulnerability affects a wide range of operating systems including Android, Linux, macOS, and iOS, even those in Lockdown Mode.

Key details include:

• BlueZ not properly restricting non-bonded devices from injecting HID events into the input subsystem.
• Potential for an unauthenticated Peripheral role HID Device to establish an encrypted connection without user interaction, injecting HID messages.
• CVE-2023-45866 carries a critical severity rating with a CVSS base score of 9.8, indicating a high level of threat.

Marc Newlin's analysis highlights that this attack exploits an unauthenticated pairing mechanism within the Bluetooth specification, allowing fake keyboards to connect to target devices.

Stay vigilant and update your devices! 🛡️📱💻

Tags: #CyberSecurity #BluetoothVulnerability #BlueZ #CVE202345866 #KeystrokeInjection #DeviceSecurity #MarcNewlin #ThreatAlert

Sources:

• NVD: CVE-2023-45866
• Tenable: CVE-2023-45866 Details
• Hackread Article by Waqas: Bluetooth Vulnerability Report

"🚨 Major Bluetooth Flaw in BlueZ: Keystroke Injection Risk! 🚨"

A Bluetooth vulnerability, CVE-2023-45866, has been uncovered, posing a significant threat to various devices. Discovered by Marc Newlin, this flaw in BlueZ allows unauthenticated devices to inject HID events, leading to potential keystroke injections and arbitrary command executions on affected devices. Particularly alarming, this vulnerability affects a wide range of operating systems including Android, Linux, macOS, and iOS, even those in Lockdown Mode.

Key details include:

• BlueZ not properly restricting non-bonded devices from injecting HID events into the input subsystem.
• Potential for an unauthenticated Peripheral role HID Device to establish an encrypted connection without user interaction, injecting HID messages.
• CVE-2023-45866 carries a critical severity rating with a CVSS base score of 9.8, indicating a high level of threat.

Marc Newlin's analysis highlights that this attack exploits an unauthenticated pairing mechanism within the Bluetooth specification, allowing fake keyboards to connect to target devices.

Stay vigilant and update your devices! 🛡️📱💻

Tags: #CyberSecurity #BluetoothVulnerability #BlueZ #CVE202345866 #KeystrokeInjection #DeviceSecurity #MarcNewlin #ThreatAlert

Sources:

• NVD: CVE-2023-45866
• Tenable: CVE-2023-45866 Details
• Hackread Article by Waqas: Bluetooth Vulnerability Report

Okay, what. I finally got a Bluetooth dongle that works with #linux (a TPLink UB400), and straight away, out of the box, I can:
Connect to bluetooth headphones and listen to music.
Connect my phone, and.. get music from the phone playing on the computer? With no configuration?
I. am. in. awe. - all my devices are working together! 😮😮
For reasons, today's #libremonday shoutout goes to #pipewire (again 🥲) and #bluez. Thanks to everyone who made Bluetooth work this well! 🎉 🎉

Okay, what. I finally got a Bluetooth dongle that works with #linux (a TPLink UB400), and straight away, out of the box, I can:
Connect to bluetooth headphones and listen to music.
Connect my phone, and.. get music from the phone playing on the computer? With no configuration?
I. am. in. awe. - all my devices are working together! 😮😮
For reasons, today's #libremonday shoutout goes to #pipewire (again 🥲) and #bluez. Thanks to everyone who made Bluetooth work this well! 🎉 🎉