CVE-2024-21803
LOW
Linux kernel 2.6.12-rc2-6.8-rc1 - Use-After-Free in Bluetooth Module
Title source: llm
Description
Use After Free vulnerability in the Linux kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.c. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1.
References (1)
Core References
Issue Tracking, Permissions Required
https://bugzilla.openanolis.cn/show_bug.cgi?id=8081
Scores
CVSS v3
3.5
EPSS
0.0050
EPSS Percentile
38.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-416
Status
published
Products (3)
linux/linux_kernel
2.6.12 rc2 (5 CPE variants)
linux/linux_kernel
6.7 rc1 (6 CPE variants)
linux/linux_kernel
2.6.12.1 - 6.6.8
Published
Jan 30, 2024
Tracked Since
Feb 18, 2026