BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution
BleedingTooth is a set of zero-click vulnerabilities in the Linux Bluetooth subsystem that can allow an unauthenticated remote attacker in short distance to execute arbitrary code with kernel privileges on vulnerable devices. I noticed that the network subsystem was already being fuzzed extensively by syzkaller, but that subsystems like Bluetooth were less well covered.
https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html?utm_source=tldrnewsletter