CVE-2019-9506
- Source
- https://cve.org/CVERecord?id=CVE-2019-9506
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-9506.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-9506
- Downstream
- Related
- Published
- 2019-08-14T17:15:11.597Z
- Modified
- 2026-03-12T23:33:22.288593Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
- References
-
- https://usn.ubuntu.com/4147-1/
- https://www.kb.cert.org/vuls/id/918987/
- http://www.cs.ox.ac.uk/publications/publication12404-abstract.html
- https://access.redhat.com/errata/RHSA-2019:2975
- https://access.redhat.com/errata/RHSA-2019:3055
- http://seclists.org/fulldisclosure/2019/Aug/11
- https://access.redhat.com/errata/RHSA-2019:3076
- https://access.redhat.com/errata/RHSA-2019:3089
- https://access.redhat.com/errata/RHSA-2019:3218
- https://access.redhat.com/errata/RHSA-2019:3231
- https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html
- https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
- https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html
- https://access.redhat.com/errata/RHSA-2019:3220
- https://access.redhat.com/errata/RHSA-2019:3217
- https://usn.ubuntu.com/4115-1/
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en
- https://access.redhat.com/errata/RHSA-2019:3309
- https://access.redhat.com/errata/RHSA-2019:3517
- https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html
- http://seclists.org/fulldisclosure/2019/Aug/15
- https://access.redhat.com/errata/RHSA-2019:3187
- https://access.redhat.com/errata/RHSA-2020:0204
- https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html
- http://seclists.org/fulldisclosure/2019/Aug/13
- http://seclists.org/fulldisclosure/2019/Aug/14
- https://access.redhat.com/errata/RHSA-2019:3165
- https://usn.ubuntu.com/4118-1/
Affected packages
Git /
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "10.12.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "10.13.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "10.14.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "19.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "15.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "15.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.333\\(c00e333r2p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.160\\(c00e160r2p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.160\\(c00e160r2p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.165\\(c01e165r2p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.1.181\\(c00e48r6p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.0.147\\(c605custc605d1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.0.153\\(c461custc461d1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.0.155\\(c636custc636d1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.329\\(c786e320r2p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.300\\(c605e2r1p12t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.329\\(c01e320r1p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.0.0.366\\(c00\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.333\\(c00e333r2p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.332\\(c432e5r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.333\\(c01e333r1p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "cairogo-l22c461b153"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.311\\(c605e2r1p11t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.333\\(c00e333r1p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.335\\(c675e8r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.350\\(c10e5r1p14t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.1.0.186\\(c01gt\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.333\\(c00e333r1p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.363\\(c675e3r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.2.0.141\\(c675custc675d1gt\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.363\\(c675e2r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.336\\(c636e2r1p12t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.333\\(c01e333r1p1t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.2.0.190\\(c00r2p2\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.0.182\\(c00\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.0.176\\(c01\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.1.0.156(c605)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.338\\(c185e3r3p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.160\\(c605e6r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0.0.122d(c652)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.130\\(c01e115r2p8t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.128\\(c00e112r1p6t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.150\\(c185e6r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.150\\(c636e6r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.154\\(c605e7r1p2t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.128\\(c01e112r1p6t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.143\\(c675e8r2p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.154\\(c185e2r5p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.306\\(c185e2r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.306\\(c432e4r1p11t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.306\\(c636e2r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.307\\(c635e4r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.350\\(c10e3r1p14t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.350\\(c636e4r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.325\\(c185e4r1p11t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.325\\(c636e2r1p12t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.328\\(c432e5r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.328\\(c782e10r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.350\\(c185e3r1p12t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.350\\(c461e3r1p11t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.350\\(c636e3r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.351\\(c432e5r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.341\\(c185e1r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.342\\(c461e1r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.347\\(c432e1r1p9t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.311\\(c461e2r1p11t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.325\\(c185e2r1p12t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.325\\(c636e7r1p13t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.326\\(c635e2r1p11t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.328\\(c432e7r1p11t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.122\\(c09e7r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.137\\(c33e8r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.137\\(c530e8r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.158\\(c432e8r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.165\\(c10e8r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.150\\(c432e6r1p5t8\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.149\\(c675e8r2p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.154\\(c185e2r5p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.154\\(c432e2r5p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.154\\(c636e2r3p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.155\\(c10e2r3p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.170\\(c185e2r5p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.170\\(c636e2r3p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.171\\(c10e2r3p1\\)"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.1.0.172\\(c432e2r5p1\\)"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-9506.json"