
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2021-37577 affects Bluetooth LE and BR/EDR Secure Connections pairing and Secure Simple Pairing using the Passkey entry protocol in Bluetooth Core Specifications versions 2.1 through 5.3. The vulnerability was disclosed on October 1, 2024, and impacts the security of Bluetooth pairing processes (NVD).
The vulnerability allows an unauthenticated man-in-the-middle attacker to identify the Passkey used during pairing by reflecting a crafted public key with the same X coordinate as the offered public key and by reflecting the authentication evidence of the initiating device. In other words, the attacker answers the initiating device with a public key whose X coordinate matches the peer's own, then uses crafted responses to determine the Passkey used in that pairing session (Bluetooth Security). The vulnerability has been assigned a CVSS 3.1 Base Score of 6.8 (Medium) with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L (NVD).
If successfully exploited, this vulnerability could allow an attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. This potentially compromises the security of Bluetooth connections and enables unauthorized access to devices (NVD).
Bluetooth Core Specification 5.4 recommends that devices fail a pairing procedure if the public key X coordinate offered by a peer matches that of the local device (except when using a debug key). This check becomes mandatory in Bluetooth Core Specification 6.0. It is recommended that implementations follow the latest recommendations for the acceptance of public keys when implementing BR/EDR Secure Simple Pairing, BR/EDR Secure Connections pairing, or LE Secure Connections pairing in Bluetooth Core Specifications 5.4 and earlier (Bluetooth Security).
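The following is an added example, not code from this page or from any Bluetooth stack, showing the public key acceptance check described above on the responder side of LE Secure Connections pairing: a received Pairing Public Key PDU is parsed, its X coordinate is compared with the local public key's X coordinate, and the exchange is refused with a Pairing Failed PDU when they match. The PDU codes follow Core Specification Vol 3, Part H; the debug key X coordinate is a labelled placeholder, the choice of failure reason is an assumption, and all key values are constructed.

```python
# Added example (not from the Wiz page or any Bluetooth stack): the peer
# public key check that Core Specification 5.4 recommends and 6.0 mandates,
# applied to an LE SMP Pairing Public Key PDU. Key values are constructed.
import secrets
from typing import Optional, Tuple

COORD_LEN = 32                       # P-256 coordinate size in octets
SMP_PAIRING_PUBLIC_KEY = 0x0C        # SMP code: Pairing Public Key (Vol 3, Part H)
SMP_PAIRING_FAILED = 0x05            # SMP code: Pairing Failed
SMP_REASON_INVALID_PARAMETERS = 0x0A # assumed reason code for a rejected key
# Placeholder only: replace with the debug public key X coordinate from
# Core Specification Vol 3, Part H before relying on the debug-key exception.
DEBUG_KEY_X_PLACEHOLDER = bytes.fromhex("dd" * COORD_LEN)

def parse_public_key_pdu(pdu: bytes) -> Optional[Tuple[bytes, bytes]]:
    """Return (x, y) from a Pairing Public Key PDU, or None if malformed.
    Layout: 1 octet code, 32 octets X (little-endian), 32 octets Y."""
    if len(pdu) != 1 + 2 * COORD_LEN or pdu[0] != SMP_PAIRING_PUBLIC_KEY:
        return None
    return pdu[1:1 + COORD_LEN], pdu[1 + COORD_LEN:]

def accept_peer_public_key(local_x: bytes, peer_x: bytes, allow_debug_key: bool = False) -> bool:
    """Continue pairing only if the peer's X coordinate is not a reflection
    of our own, the condition CVE-2021-37577 exploits. The sole exception is
    a peer presenting the debug key while debug pairing is enabled locally."""
    if len(local_x) != COORD_LEN or len(peer_x) != COORD_LEN:
        return False                     # malformed key material
    if peer_x != local_x:
        return True                      # distinct X coordinate: proceed
    return allow_debug_key and peer_x == DEBUG_KEY_X_PLACEHOLDER

def handle_public_key_pdu(local_x: bytes, pdu: bytes, allow_debug_key: bool = False) -> Optional[bytes]:
    """Responder-side handling: return the Pairing Failed PDU to send when the
    peer key must be rejected, or None when the exchange may proceed."""
    parsed = parse_public_key_pdu(pdu)
    if parsed is None or not accept_peer_public_key(local_x, parsed[0], allow_debug_key):
        return bytes([SMP_PAIRING_FAILED, SMP_REASON_INVALID_PARAMETERS])
    return None

def build_public_key_pdu(x: bytes, y: bytes) -> bytes:
    """Constructed helper: assemble a Pairing Public Key PDU from coordinates."""
    return bytes([SMP_PAIRING_PUBLIC_KEY]) + x + y

if __name__ == "__main__":
    local_x = secrets.token_bytes(COORD_LEN)
    honest = build_public_key_pdu(secrets.token_bytes(COORD_LEN), secrets.token_bytes(COORD_LEN))
    reflected = build_public_key_pdu(local_x, secrets.token_bytes(COORD_LEN))
    print(handle_public_key_pdu(local_x, honest))     # None: pairing continues
    print(handle_public_key_pdu(local_x, reflected))  # b'\x05\n': key rejected
```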
Source: This report was generated using AI