1/3 󲶾󱮭󱮷󲁨 󴎜󹲠BLUFFS󶳲󱯊󷥑󵘦󲶾󱮭󴿊󴲐󱾥󳉳󴀩󴈮2024/01/18󱮷󲁨󶴹󱿠AR2023-010󶴹󱿠CVE-2023-24023󵗽󴉆V1.0 󹠝󹲠󲻎󶳶BLUFFS󽘘BluetoothForwardandFutureSecrecyAttacksandDefenses)󴂞󵫬󱠓󶻰DanieleAntonioli󱮷󳉳󵵙󲶾󱮭盟󲁨󽘜󸂥󷥑󵘦󶾌󵷦󶳧󶳪(BluetoothSIG)󶴹󱿠󱙚CVE-2023-24023BLUFFS󸶲󸳣󱙆󹠣󱜤󽘘MITM󽘙󳻺󱲢󶳲󱯊󷥑󵘦󳉛󹀢󲺧󸚤󲠫󹠣󵵙󱞼󶴂󲶾󱮭󸴗󳰚󽘘Legacy Secure Connection, LSC 󽘙 󱶩󲸺󱞵󸛃󾗝󲺧󱛖󲶾󱮭󸴗󳰚(SecureConnection,SC)󱶩󲸺󱞵󸛃󽘜󸛋󴿊󴲐󱳎󱡋󵫞󷥑󵘦󱯯󱭯󳻺󱲢(BIAS)󳿑󴰢󽘜󱡋SC󹢎󶳊󱙚LSC󽘜󳌨󸶲󸳣󸋎󷐡󱛞󳮤󶳸󸳣󸚊󸚧󸳣󶌱󴦝󲡋󽘜BLUFFS󸴏󱞵󱳥󵫞󱶩󲸺󲸺󹚍󱻙󲇢󳻺󱲢(KNOB)󳿑󴰢󹢎󶳊󱞵󸛃󲸺󹚍󵵙󳒣󳍿󽘜󱝥󲝿󲡱󴅱󱶣󶀗󸋳󱶩󲸺󲸺󹚍󵵙󳦎󱶧󵠈󳻺󱲢󶻰󲔩󴅱󱶣󶀗󸋳󱶩󲸺󲸺󹚍󵵙󱿻󴀿󽘜󱿔󱝥󲺽󱞵󸛃󳽉󳮹󱣣󲵙󱘕󴊜󽘜󱘈󴀪󲸺󹚍󶀗󸋳󳦎󱶧󽘜󱙴󱴙󱣣󲵙󱘕󴊜󵵙󱞵󸛃󳽉󳮹󱼑󱿔󸂥󶀗󸋳󶻽󲔩󲀀󶴐󵵙󱶩󲸺󱞵󸛃󳐫󶓉󸳣󶌱󱙆󽘜BLUFFS󱳎󱳥󵫞󶳲󱯊󷥑󵘦LSC󱶩󲸺󲸺󹚍󴳄󵫑󶙟󴰢󸚤󸚇󱘔󵵙󶵤󹣕󽘜󳒣󱳷󱞵󸛃󱡋󵫞󳉛󶳲󶀗󸋳󲀀󵵙󲸺󹚍󽘜󲒵󴦝󱞵󸛃󱙆󵵙󳽉󳮹󱚓󱞵󸂥󸱞󴋁󶀗󸋳BluetoothSIG󲔩󱯇󲶾󱮭󱮷󲁨󱙆󳬘󱲡󸛋󴿊󴲐󳌼󴰭󲵙󲔩󱛖󸺞󳕥󷥑󵘦4.2󷋼5.4󴏮󳖒󸊿󷕕󵵙󸚤󲠫󱙆󽘜󶻽󱯇󵸂󱴙󱚓󱿌󴂞󳱠󱲡󱛌󱘈󱛩󱱙󳒔󸛋󴿊󴲐󳔈󲄨󵵙󳰤󳿗󽘜󳌨󴉃󳱠󱲡󴏰󴉆󸋳󱰠󳿑󴐊󳔈󲄨󱲵󴋡󱴙󹪸󳉛󶳲󳱠󱳭󽘜BLUFFS󵵙󳻺󱲢󲺧󸝭󴂞󶳲󱯊󷥑󵘦󳉛󹀢󲺧󸚤󲠫󹠣󵵙LSC󱶩󲸺󱞵󸛃󽘜󵸂󱴙󱙺󹘺󱾭󳔈󲄨󵵙󷒠󵗺󱿌󴈄ESP32󶥚󱳊󵫬󱛖BLUFFS󴿊󴲐󲽊󱛖󱻙󸚔󲼜󹪸󱘔󵵙󶵤󹣕󽘜󳧟󱝥󵸂󱴙󶴗󳪂󵵙ESP-IDF󳧟󴈄Release󱲵󳻦󸾋󱞵󱾭󱳭󱯇󳔈󲄨󲔩BluetoothSIG󶳼󱲡󹠝󹲠󵵙󴏰󴉆󸋳󱰠󳿑󴐊󱴙󽘜󳫉󶴀󱞵󸛃SC󹢎󶳊󲃅󱣣󸚧󸥩󲡠󳒣󵵙󱶩󲸺󲸺󹚍󳒣󳍿󸾋󷃫󴈄󳼋󱱙󳒔BLUFFS󵵙󳻺󱲢󳔈󲄨 2/3 󹙰󲺧BLUFFSESP32󵸂󱴙󳉛󲷫󳿗󵵙󳰤󳿗󴈄󾗜1. KNOB󴿊󴲐󱣾󲠶KNOB󴿊󴲐󸀪󱘉󹢔󱳷󱛌LSC󱙆󵵙󴇳󲻎󲸺󹚍󳒣󳍿󱙚7󲵗󷐽󹝬󳍿󽘜󲔩󸛋󲸺󹚍󳒣󳍿󱘕󽘜󳻺󱲢󶻰󳔯󹥝󲷫󴀿󶀗󸋳󱞵󸛃󱶩󲸺󲸺󹚍󸛋󸀪󱘉󲔩󳓓󱴙󶴗󳪂󵵙ESP-IDFRelease󱲵󳻦󱙆󸾋󳉛󶳲󲵙󲔩(v4.3~v5.2,master)2. BIAS󴿊󴲐󱣾󲠶󵸒󱯃󱣭󳚣󱿔󱾍󶻭󱙺󹘺󲶾󱮭󱮷󲁨AR2021-004BIAS󴿊󴲐󸀪󱘉󴂞󲔩ESP-IDFBluedroid󱻙󸚔󴎝󱙆󱶩󱮧󱛌󹡩󴦛󲺧󳿑󹢎󶳊󲶾󱮭󸴗󳰚󵵙󸸅󸱴󽘜󲺧󱛖󶳲󱯊󷥑󵘦󲶾󱮭󸴗󳰚󶻽󸌫󽘜ESP32󳌨󴉃󳱠󱡹󵸒󱯃󹀢󶷉󸶆󹲁󳦕󳰚󱿂󱿻󴀿󽘜󸛋󸀪󱘉󱚓󸉔󴭁󲺧󳿑󸚤󲠫󷋼󲻒󸴔󸀅󱘈󴤤󸚊󸚧󽘜󸴐󱡋󳕅󳻺󱲢󶻰󳔯󹥝󶳸󸳣󸚊󸚧󸳣󶌱󽘜󲝿󱶩󱛌󳻺󱲢󵵙󹥝󳍿ESP-IDFBIAS󴿊󴲐󹠝󹲠󵗽󴉆ESP-IDFBranchAffectedCommitIDAffectedIDFVersionmaster042fd5f8󱙴󱴙󳧟󴈄commitNArelease/v5.0650b6653󱙴󱴙󳧟󴈄commitv5.0release/v4.407518cf4󱙴󱴙󳧟󴈄commitv4.4~v4.4.3release/v4.360e28180󱙴󱴙󳧟󴈄commitv4.3~v4.3.4ESP-IDFBIAS󴿊󴲐󱣾󲠶󵗽󴉆ESP-IDFBranchFixedCommitIDFixedIDFVersionmaster042fd5f8NArelease/v5.1042fd5f8v5.1release/v5.0650b6653v5.0.1release/v4.407518cf4v4.4.4Release/v4.3160e28180v4.3.51ESP-IDFv4.3󳉛󴦜󳑎󱧃󴦛󶴗󳪂󽘜󱙺󹘺󲺽󱘗󱯥󲺧󸛋󵗽󴉆󳱠󱡹󲝿󱶩󳾾󱶧󷃫󱣾󲠶bug󱣾󲠶󲶾󱮭󹠝󹲠󶖾󳻦󳬐󲀀󶴐󸚇󱳃󲷫󳿗󵵙󳰤󳿗󴈄󾗜󱙺󹘺󲺽󳱠󱡹 API 󴊜󹀢󶷉󸚤󲠫󵵙󴇳󲻎󲸺󹚍󹝬󳍿󽘜󲺧󱛖󲶾󱮭󹧞󴭁󸱦󺂿󵵙󵫞󳧋󽘜󱿔󹀢󶷉󱡋󵫞󴇠󺂿󳒣󳍿󵵙󱶩󲸺󱞵󸛃󲸺󹚍󽘜󳱠󺂿󴅱󱶣󶀗󸋳󵵙󴀿󹠣󲃅󳦎󴉆 3/3 󶳼󱡋󵫞󶻰󵵙󳐫󸚔󲺧ESP32󶥚󱳊󱜂󲄘󸴔󸀅󳐴󱾥󱾛󳍟󵫞󳦕󹧞󸉔󱝃󱙴󱴙󵗽󴉆󱻏󶳊󴀿󽘜󳐫󸚔󳜁󱡋󵫞󱘔󳽳󱙆󶳼󱲡󵵙ESP-IDF󱣾󲠶Commit󱙴󲀀󵵙󵗽󴉆󲤖󳜁󲔩󱻏󶳊󸳣󶌱󱙆󸸢󱳭󹠝󹲠󽘜󸛝󳜁󱾠󹺊󵸂󱴙󲔩󵫞󵵙ESP-IDF󵗽󴉆󳦕CommitID󱣭󳚣󷋼󱙺󹘺󽘜󱙺󹘺󱞵󲼕󳗐󱘙󳜁󶁢󸚊󲠦󵢻󵸒󱯃󱛓󲷧