Potential security vulnerabilities in some Intel® Wireless Bluetooth® and Killer™ Bluetooth® products may allow denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities.
CVEID: CVE-2021-33139
Description: Improper conditions check in firmware for some Intel® Wireless Bluetooth® and Killer™ Bluetooth® products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 5.7 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVEID: CVE-2021-33155
Description: Improper input validation in firmware for some Intel® Wireless Bluetooth® and Killer™ Bluetooth® products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.
CVSS Base Score: 5.7 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Intel® Wireless Bluetooth® and Killer™ Bluetooth® products with drivers before version 22.100:
Windows OS:
Intel recommends updating the affected Intel® Wireless Bluetooth® and Killer™ Bluetooth® products to version 22.100 or later.
Windows 10 and Windows 11 updates are available for download at this location:
Chrome OS:
Updates to mitigate these vulnerabilities are up streamed to Chromium.
For any Google Chrome OS solution and schedule, please contact Google directly.
Killer™ Products are not applicable for Chrome OS.
Linux OS:
Updates to mitigate these vulnerabilities are up streamed to Linux.
Consult the regular opensource channels to obtain this update.
Killer™ Products are not applicable for Linux OS.
Intel would like to thank Matheus Eduardo Garbelini and Sudipta Chattopadhyay from the Singapore University of Technology and Design for reporting these issues.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.