
Cloud Vulnerability DB
A community-led vulnerabilities database
Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specification versions 4.0 through 5.2 are vulnerable to packet injection attacks. The vulnerability was disclosed on June 25, 2021 (NVD).
The vulnerability allows an adjacent attacker to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission. This can be achieved by spoofing the Central's address during the time between when the Peripheral starts receiving a packet from the Central and when the Central actually transmits during each connection interval. The success rate of packet injection increases with greater window widening values, such as when the connection interval increases (Bluetooth Advisory).
Successful exploitation can allow an attacker to achieve full man-in-the-middle (MITM) status without terminating the link. When targeting devices that are establishing or using encrypted links, crafted packets may be used to terminate an existing link, but will not compromise the confidentiality or integrity of the link (NVD).
The Bluetooth SIG strongly recommends that implementations verify the use of encryption in any profile that requires it under the specification. Vendor-specific profile implementations with custom attributes should require encryption for both read and write operations on those characteristics by default. Users should ensure they have installed the latest recommended updates from device and operating system manufacturers (Bluetooth Advisory).
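One way to check the vendor-specific recommendation above during firmware review, as an added example that is not code from the Bluetooth SIG or from this page. The table schema, the permission names (`read`, `read_encrypt`, `write`, `write_encrypt`) and the sample characteristics are hypothetical and constructed for illustration.

```python
import uuid

# SIG-assigned 16/32-bit UUIDs expand onto the Bluetooth Base UUID:
# xxxxxxxx-0000-1000-8000-00805F9B34FB. Anything else is vendor-specific.
BASE_SUFFIX = "-0000-1000-8000-00805f9b34fb"


def is_vendor_specific(u: str) -> bool:
    """True for 128-bit UUIDs that are not derived from the Base UUID."""
    if len(u) in (4, 8):          # short form, always SIG-assigned
        int(u, 16)                # raises ValueError on malformed input
        return False
    return not str(uuid.UUID(u)).endswith(BASE_SUFFIX)


def audit(table):
    """Return (name, operation) pairs for vendor-specific characteristics
    that can be read or written over an unencrypted link."""
    findings = []
    for ch in table:
        if not is_vendor_specific(ch["uuid"]):
            continue
        perms = set(ch["perms"])
        for op in ("read", "write"):
            # Assumed schema: a plain "read"/"write" permission grants access
            # without encryption, even if the *_encrypt variant is also set.
            if op in perms:
                findings.append((ch["name"], op))
    return findings


# Constructed sample GATT table (hypothetical device, made-up vendor UUIDs).
SAMPLE = [
    {"name": "heart_rate", "uuid": "2a37", "perms": ["read"]},
    {"name": "battery", "uuid": "00002a19-0000-1000-8000-00805f9b34fb",
     "perms": ["read"]},
    {"name": "door_unlock_cmd", "uuid": "12345678-1234-5678-1234-56789abcdef0",
     "perms": ["write"]},
    {"name": "config_blob", "uuid": "12345678-1234-5678-1234-56789abcdef1",
     "perms": ["read_encrypt", "write_encrypt"]},
    {"name": "status", "uuid": "12345678-1234-5678-1234-56789abcdef2",
     "perms": ["read", "write_encrypt"]},
]

if __name__ == "__main__":
    for name, op in audit(SAMPLE):
        print(f"{name}: {op} allowed without encryption")
```

SIG-defined characteristics are skipped here because their encryption requirements come from the relevant profile specification and need a separate check.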
Source: This report was generated using AI