Linux 5.9.1 + 6 Other Stable Kernels Out For Addressing "Bleeding Tooth" Vulnerability
BleedingTooth is a remote code execution vulnerability affecting Linux that stems from a heap-based type confusion in the L2CAP code. But in all it's not as pressing as some other vulnerabilities since it first of all relies upon the attacker being within Bluetooth range of vulnerable systems and relies upon some intricate details before an attacker can send a rogue L2CAP packet to cause a remote code execution within the BlueZ Bluetooth stack.
BleedingTooth is now addressed by Bluetooth fixes in the kernel code for Linux 5.9.1. So 5.9.1 is out with those Bluetooth fixes plus some other mostly mundane fixes.
For those on older supported stable series, 5.8.16, 5.4.72, 4.19.152, 4.14.202, 4.9.240, and 4.4.240 are all available with the Bluetooth fixes and more.