Lucene search

K
nvd[email protected]NVD:CVE-2024-24858
HistoryFeb 05, 2024 - 8:15 a.m.

CVE-2024-24858

2024-02-0508:15:44
CWE-362
web.nvd.nist.gov
race condition
linux kernel
bluetooth
connection abnormality
denial of service

5.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%

A race condition was found in the Linux kernel’s net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.

Affected configurations

NVD
Node
linuxlinux_kernelRange≀3.19.8
OR
linuxlinux_kernelRange6.0–6.7.2
OR
linuxlinux_kernelMatch6.8rc1

5.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.8%