CVE-2024-21803

Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1.

CVSS v3 3.5 LOW

3.5^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://bugzilla.openanolis.cn/show_bug.cgi?id=8081	Issue Tracking Permissions Required
https://bugzilla.openanolis.cn/show_bug.cgi?id=8081	Issue Tracking Permissions Required

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc4::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc5::::::
	cpe:2.3:o:linux:linux_kernel:2.6.12:rc6::::::

History

21 Nov 2024, 08:55

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 3.5
References	~~() https://bugzilla.openanolis.cn/show_bug.cgi?id=8081 - Issue Tracking, Permissions Required~~	() https://bugzilla.openanolis.cn/show_bug.cgi?id=8081 - Issue Tracking, Permissions Required

08 Feb 2024, 01:57

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~3.5~~	v2 : unknown v3 : 7.8
CPE		cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:::::: cpe:2.3:o:linux:linux_kernel:2.6.12:rc6::::::
References	~~() https://bugzilla.openanolis.cn/show_bug.cgi?id=8081 -~~	() https://bugzilla.openanolis.cn/show_bug.cgi?id=8081 - Issue Tracking, Permissions Required
First Time		Linux linux Kernel Linux

30 Jan 2024, 14:18

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de Use After Free en El kernel de Linux en Linux, x86, ARM (módulos bluetooth) permite la ejecución local de código. Esta vulnerabilidad está asociada con archivos de programa https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. Este problema afecta al kernel de Linux: desde v2.6.12-rc2 antes de v6.8-rc1.

30 Jan 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-30 08:15

Updated : 2024-11-21 08:55

NVD link : CVE-2024-21803

Mitre link : CVE-2024-21803

CVE.ORG link : CVE-2024-21803

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

3.5 /10