CVE-2024-27416

Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST If we received HCI_EV_IO_CAPA_REQUEST while
HCI_OP_READ_REMOTE_EXT_FEATURES is yet to be responded assume the remote
does support SSP since otherwise this event shouldn't be generated.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: hci_event: Corrige el manejo de HCI_EV_IO_CAPA_REQUEST Si recibimos HCI_EV_IO_CAPA_REQUEST mientras HCI_OP_READ_REMOTE_EXT_FEATURES aún no se ha respondido, supongamos que el control remoto admite SSP ya que, de lo contrario, este evento no debería generarse.

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST If we received HCI_EV_IO_CAPA_REQUEST while HCI_OP_READ_REMOTE_EXT_FEATURES is yet to be responded assume the remote does support SSP since otherwise this event shouldn't be generated.

It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-25 CVE Reserved
2024-05-17 CVE Published
2024-12-19 CVE Updated
2025-03-19 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (18)

URL	Tag	Source
https://git.kernel.org/stable/c/ccb8618c972f941ebc6b2b9db491025b3369efcb	Vuln. Introduced
https://git.kernel.org/stable/c/1769ac55dbf3114d5bf79f11bd5dca80ee263f9c	Vuln. Introduced
https://git.kernel.org/stable/c/40a33a129d99639921ce00d274cca44ba282f1ac	Vuln. Introduced
https://git.kernel.org/stable/c/1ef071526848cc3109ade63268854cd7c20ece0c	Vuln. Introduced
https://git.kernel.org/stable/c/25e5d2883002e235f3378b8592aad14aeeef898c	Vuln. Introduced
https://git.kernel.org/stable/c/c7f59461f5a78994613afc112cdd73688aef9076	Vuln. Introduced
https://git.kernel.org/stable/c/2c7f9fda663a1b31a61744ffc456bdb89c4efc7f	Vuln. Introduced
https://git.kernel.org/stable/c/746dbb0fc6392eca23de27f8aa9d13979b564889	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/afec8f772296dd8e5a2a6f83bbf99db1b9ca877f	2024-03-06
https://git.kernel.org/stable/c/79820a7e1e057120c49be07cbe10643d0706b259	2024-03-06
https://git.kernel.org/stable/c/df193568d61234c81de7ed4d540c01975de60277	2024-03-06
https://git.kernel.org/stable/c/c3df637266df29edee85e94cab5fd7041e5753ba	2024-03-06
https://git.kernel.org/stable/c/30a5e812f78e3d1cced90e1ed750bf027599205f	2024-03-06
https://git.kernel.org/stable/c/fba268ac36ab19f9763ff90d276cde0ce6cd5f31	2024-03-06
https://git.kernel.org/stable/c/8e2758cc25891d2b76717aaf89b40ed215de188c	2024-03-06
https://git.kernel.org/stable/c/7e74aa53a68bf60f6019bd5d9a9a1406ec4d4865	2024-02-28

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.297 < 4.19.309 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.297 < 4.19.309"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.259 < 5.4.271 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.259 < 5.4.271"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10.199 < 5.10.212 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.199 < 5.10.212"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.15.137 < 5.15.151 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.137 < 5.15.151"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.60 < 6.1.81 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.60 < 6.1.81"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.6.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.6.21"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.7.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.7.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.14.328 Search vendor "Linux" for product "Linux Kernel" and version "4.14.328"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.5.9 Search vendor "Linux" for product "Linux Kernel" and version "6.5.9"		en		Affected