This vulnerability affects nearly all devices that speak Bluetooth. Manufacturers should be releasing a patch soon.
This vulnerability exploits an issue in the legacy Bluetooth authentication method. It further exploits the fact that many Bluetooth classic implementations allow devices to downgrade the more modern secure authentication method to the legacy version. The patch that manufacturers are releasing will prevent devices from downgrading to the legacy authentication.
Both CVEs must be patched to be fully secure.
More information on BIAS: