This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Impact of Blueborne vulnerability?

Just announced today is the Blueborne vulnerability. ARMIS Blueborne What is the impact to nRF development from this vulnerability?

Parents
  • Hi,

    Under "What Devices Are Affected?", it's mentioned that products/wearables using Bluetooth Low Energy is not affected. Since the only Bluetooth solution Nordic support is Bluetooth Low Energy(and not Classic/BR/EDR), that means that Nordic is not affected by this.

    Also note that Google released a patch for Android devices on Tuesday of last week; Linux and Microsoft released patches this Tuesday.


    EDIT:

    Armis Labs has found 8 vulnerabilities, collectively affecting Windows, iOS, and Linux-kernel-based operating systems. The Bluetooth stack Nordic uses, the SoftDevice, is a separate stack and does not use any part of the affected Bluetooth stacks. The vulnerabilities found by Armis Labs, is not found in the SoftDevice.

    Also see Håkon's answer in this post.

    Quote:

    There has been no mention of finding firmware issues with the LE peer device in their report, and the list of vulnerabilities are directly related to classic bluetooth.

Reply
  • Hi,

    Under "What Devices Are Affected?", it's mentioned that products/wearables using Bluetooth Low Energy is not affected. Since the only Bluetooth solution Nordic support is Bluetooth Low Energy(and not Classic/BR/EDR), that means that Nordic is not affected by this.

    Also note that Google released a patch for Android devices on Tuesday of last week; Linux and Microsoft released patches this Tuesday.


    EDIT:

    Armis Labs has found 8 vulnerabilities, collectively affecting Windows, iOS, and Linux-kernel-based operating systems. The Bluetooth stack Nordic uses, the SoftDevice, is a separate stack and does not use any part of the affected Bluetooth stacks. The vulnerabilities found by Armis Labs, is not found in the SoftDevice.

    Also see Håkon's answer in this post.

    Quote:

    There has been no mention of finding firmware issues with the LE peer device in their report, and the list of vulnerabilities are directly related to classic bluetooth.

Children
No Data
Related