CVE-2020-24490

MEDIUM

BlueZ - DoS

Title source: llm

Description

Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.

Exploits (2)

nomisec WRITEUP

by AbrarKhan · poc

https://github.com/AbrarKhan/Linux-4.19.72_CVE-2020-24490

View Code ZIP pw:eip

nomisec STUB

by AbrarKhan · poc

https://github.com/AbrarKhan/linux_CVE-2020-24490-beforePatch

View Code ZIP pw:eip

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_confirm

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html

Scores

CVSS v3 6.5

EPSS 0.0447

EPSS Percentile 89.1%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (1)

bluez/bluez

Published Feb 02, 2021

Tracked Since Feb 18, 2026