CVE-2024-24859

MEDIUM

Linux Kernel < 3.19.8 and >=4.0-rc1 <6.8-rc2 - Denial of Service via Bluetooth Sniff Interval Race Condition

Title source: llm
STIX 2.1

Description

A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.

References (2)

Core 2

Scores

CVSS v3 4.6
EPSS 0.0071
EPSS Percentile 48.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-362
Status published
Products (3)
Linux/Linux kernel v4.0-rc1 - v6.8-rc2
linux/linux_kernel 6.8 rc1
linux/linux_kernel < 3.19.8
Published Feb 05, 2024
Tracked Since Feb 18, 2026