CVE-2024-42133

Bluetooth: Ignore too large handle values in BIG

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Ignore too large handle values in BIG

hci_le_big_sync_established_evt is necessary to filter out cases where the
handle value is belonging to ida id range, otherwise ida will be erroneously
released in hci_conn_cleanup.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-07-29 CVE Reserved
2024-07-30 CVE Published
2024-12-17 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/84cb0143fb8a03bf941c7aaedd56c938c99dafad	Vuln. Introduced
https://git.kernel.org/stable/c/181a42edddf51d5d9697ecdf365d72ebeab5afb0	Vuln. Introduced
https://git.kernel.org/stable/c/e9f708beada55426c8d678e2f46af659eb5bf4f0	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/38263088b845abeeeb98dda5b87c0de3063b6dbb	2024-07-11
https://git.kernel.org/stable/c/dad0003ccc68457baf005a6ed75b4d321463fe3d	2024-07-11
https://git.kernel.org/stable/c/015d79c96d62cd8a4a359fcf5be40d58088c936b	2024-06-28

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.2 < 6.6.39 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.2 < 6.6.39"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.9.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.9.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.7 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.5.12 Search vendor "Linux" for product "Linux Kernel" and version "6.5.12"		en		Affected