CVE-2024-24857

Updated: 2024-11-30 02:12:17.707376

Description:

A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 6.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 6.8 MEDIUM Needs Triage 2024-11-12 04:30:24
AlmaLinux 9.2 FIPS kernel 5.14.0 6.8 MEDIUM Ignored 2024-11-14 04:33:55
CentOS 6 ELS kernel 2.6.32 6.8 MEDIUM Ignored 2024-02-12 04:08:38
CentOS 7 ELS kernel 3.10.0 6.8 MEDIUM Ignored 2024-02-26 03:20:32
CentOS 8.4 ELS kernel 4.18.0 6.8 MEDIUM Needs Triage 2024-11-04 22:10:42
CentOS 8.5 ELS kernel 4.18.0 6.8 MEDIUM Needs Triage 2024-11-04 22:10:41
CentOS Stream 8 ELS kernel 4.18.0 6.8 MEDIUM Needs Triage 2024-11-04 22:10:43
CloudLinux 6 ELS kernel 2.6.32 6.8 MEDIUM Ignored 2024-02-12 04:08:38
CloudLinux 7 ELS kernel 3.10.0 6.8 MEDIUM Ignored 2024-07-22 12:05:48
Oracle Linux 6 ELS kernel 2.6.32 6.8 MEDIUM Ignored 2024-02-12 04:08:38
Total: 14