What mitigation can I take for CVE-2020-0022 (aka BlueFrag)?

A vulnerability, CVE-2020-0022 , was recently announced in some versions of Android. My phone, a Sony Xperia XA2, does not *yet* have an update available. What should I do in the meantime? The report suggests "Only enable Bluetooth if strictly necessary". Is it sufficient to disable by tapping the button on the "swipe-down" panel or does it require a deeper configuration change? The report also suggests "Keep your device non-discoverable". Is it perhaps sufficient to leave discoverability switched off until an update is available? If leaving discoverability switched off was not sufficient mitigation, why would the report even mention it?