5.5
CVE-2024-26889
- EPSS 0.27%
- Veröffentlicht 17.04.2024 11:15:10
- Zuletzt bearbeitet 12.05.2026 12:16:24
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
Bluetooth: hci_core: Fix possible buffer overflow
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switching to use strscpy.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.14.328 < 4.15
Linux ≫ Linux Kernel Version >= 4.19.297 < 4.19.311
Linux ≫ Linux Kernel Version >= 5.4.259 < 5.4.273
Linux ≫ Linux Kernel Version >= 5.10.199 < 5.10.214
Linux ≫ Linux Kernel Version >= 5.15.137 < 5.15.153
Linux ≫ Linux Kernel Version >= 6.1.60 < 6.1.83
Linux ≫ Linux Kernel Version >= 6.5.9 < 6.6.23
Linux ≫ Linux Kernel Version >= 6.7 < 6.7.11
Linux ≫ Linux Kernel Version >= 6.8 < 6.8.2
Debian ≫ Debian Linux Version10.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.185 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://git.kernel.org/stable/c/2e845867b4e279eff0a19ade253390470e07e8a1
https://git.kernel.org/stable/c/2edce8e9a99dd5e4404259d52e754fdc97fb42c2
https://git.kernel.org/stable/c/54a03e4ac1a41edf8a5087bd59f8241b0de96d3d
https://git.kernel.org/stable/c/6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac
https://git.kernel.org/stable/c/81137162bfaa7278785b24c1fd2e9e74f082e8e4
https://git.kernel.org/stable/c/8c28598a2c29201d2ba7fc37539a7d41c264fb10
https://git.kernel.org/stable/c/a41c8efe659caed0e21422876bbb6b73c15b5244
https://git.kernel.org/stable/c/d47e6c1932cee02954ea588c9f09fd5ecefeadfc
https://git.kernel.org/stable/c/68644bf5ec6baaff40fc39b3529c874bfda709bd
https://cert-portal.siemens.com/productcert/html/ssa-265688.html