“For an attack to be successful, an attacking device would need to be within wireless range of two vulnerable Bluetooth devices that were going through a pairing procedure.”
As you mentioned:
You shouldn’t have trouble with this. The vulnerability is very limited.
The real Android problem is that other serious vulnerabilities are seldom address by various manufacturers after sale. The problem has been noticed by Google and they’ve done a bit to try to get more O/S updates. Phone O/S is more highly integrated limiting driver only updates. That why you see full updates when they do happen.
I have a fire tablet. Amazon doesn’t claim it is Android but it is. It is just so customized to Amazon sales that it isn’t allowed to have the play store. Google only allows that for tablets/phones that conform more.
Google has just been fined by the EU billions for requiring such integration to have play store access. But the EU is more interested in sound bites than facts. Google provides Android “free” and needs some way to recover that extensive cost.