QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3658

Published: Mar 2, 2022

Modified: Apr 15, 2026

PUBLISHED

Description

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to physically nearby attackers.

Vendor	Product	Versions
n/a	bluez	affected `Fixedin - 5.61 and above.`

Weaknesses (CWE)

References

https://gitlab.gnome.org/GNOME/gnome-bluetooth/-/issues/89

x_refsource_MISC

https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=b497b5942a8beb8f89ca1c359c54ad67ec843055

x_refsource_MISC

https://github.com/bluez/bluez/commit/b497b5942a8beb8f89ca1c359c54ad67ec843055

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1984728

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220407-0002/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.