Vulnerability Description
Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.
CVSS Score
6.5
MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bluez | Bluez | - |
| Linux | Linux Kernel | >= 4.19, < 4.19.137 |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.PatchVendor Advisory
FAQ
What is CVE-2020-24490?
CVE-2020-24490 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.
How severe is CVE-2020-24490?
CVE-2020-24490 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-24490?
Check the references section above for vendor advisories and patch information. Affected products include: Bluez Bluez, Linux Linux Kernel.