CVE-2024-24858
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Feb 5, 2024
Updated: Jun 27, 2024
CWE ID 362
Summary
CVE-2024-24858 is a newly discovered vulnerability in the Linux kernel's net/bluetooth module. The issue lies in the {conn,adv}_{min,max}_interval_set() function, where a race condition exists. This race condition can lead to I2cap connection or broadcast abnormalities, potentially causing a denial of service. The specifics of the issue have not been disclosed, but it is recommended that Linux users apply relevant patches as soon as they become available to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share