Vulnerability Description
A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | 10.0 |
| Linux | Linux Kernel | <= 3.19.8 |
Related Weaknesses (CWE)
References
- https://bugzilla.openanolis.cn/show_bug.cgi?id=8154Permissions Required
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlThird Party Advisory
- https://bugzilla.openanolis.cn/show_bug.cgi?id=8154Permissions Required
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlThird Party Advisory
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
FAQ
What is CVE-2024-24858?
CVE-2024-24858 is a vulnerability with a CVSS score of 4.6 (MEDIUM). A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to ...
How severe is CVE-2024-24858?
CVE-2024-24858 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-24858?
Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux, Linux Linux Kernel.