Lucene search
ZephyrVULNRICHMENT:CVE-2024-6258HistorySep 13, 2024 - 7:05 p.m.
CVE-2024-6258 BT: Missing length checks of net_buf in rfcomm_handle_data
2024-09-1319:05:53
CWE-122
CWE-20
CWE-191
zephyr
github.com
1
cve-2024-6258
bluetooth
security vulnerability
data handling
CVSS3
6.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
AI Score
7
Confidence
Low
EPSS
0
Percentile
13.5%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
BT: Missing length checks of net_buf in rfcomm_handle_data
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:zephyrproject-rtos:zephyr:*:*:*:*:*:*:*:*"
],
"vendor": "zephyrproject-rtos",
"product": "zephyr",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "3.6"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-6258
2024-09-13 19:15:17
cvelist
cvelist
CVE-2024-6258 BT: Missing length checks of net_buf in rfcomm_handle_data
2024-09-13 19:05:53
cve
cve
CVE-2024-6258
2024-09-13 19:15:17
CVSS3
6.8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
AI Score
7
Confidence
Low
EPSS
0
Percentile
13.5%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-6258