But even though disabling a security whole in a way that needs physical access to the target to circumvent the measure taken is better.
Could be that the combination of two issues make an attack successful: One issue that allows to activate bluetooth without privileges or because most users did not protect the feature sufficiently and a second issue like above to gain control over the target.
Exactly. No matter how borked the software is, whether due to a non-security-related software issue (i.e. “off” doesn’t work correctly or fully) or whether due to a security-related software issue (another exploit allows the attacker to re-enable Bluetooth from software) … if you have a hardware kill switch that cuts power and/or communication to the Bluetooth hardware then you can rest easy that a Bluetooth attack is not possible.
The only annoyance there is the proliferation of combined WiFi+BT devices i.e. you can’t hardware kill the BT without also hardware killing the WiFi, whereas if you software kill, you may be able to software kill selectively.
“For the stable distribution (buster), these problems have been fixed in version 4.19.152-1. The vulnerabilities are fixed by rebasing to the new stable upstream version 4.19.152 which includes additional bugfixes.”