Actually Intel is wrong when saying ‘‘upgrading to v5.9 will fix this’’ because none of the mainline kernels have the patches. More here https://lwn.net/Articles/834297/#Comments
deleted by creator
5.10 isn’t even mainline yet. 5.8.15 just got released two days ago, Arch hasn’t pushed it to their channel and 5.9 came out last Sunday.
deleted by creator
The fixes for BleedingTooth Bluetooth vulnerability in kernels <5.9 are in; in both stable https://lkml.org/lkml/2020/10/17/156 and mainline https://lkml.org/lkml/2020/10/17/157
Sorry for being late. The distros are currently backporting the fixes. You can read about Fedora in the lwn thread. Here’s Ubuntu https://launchpad.net/ubuntu/+source/linux/5.8.0-25.26 Arch jumped a version I think but they are assigned now against the kernel package https://security.archlinux.org/AVG-1248