7.1
CVE-2024-36033
- EPSS 0.25%
- Veröffentlicht 30.05.2024 16:15:11
- Zuletzt bearbeitet 18.09.2025 14:36:14
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
Bluetooth: qca: fix info leak when fetching board id
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.10
Linux ≫ Linux Kernel Version6.9 Updaterc1
Linux ≫ Linux Kernel Version6.9 Updaterc2
Linux ≫ Linux Kernel Version6.9 Updaterc3
Linux ≫ Linux Kernel Version6.9 Updaterc4
Linux ≫ Linux Kernel Version6.9 Updaterc5
Linux ≫ Linux Kernel Version6.9 Updaterc6
Linux ≫ Linux Kernel Version6.9 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.158 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
https://git.kernel.org/stable/c/0adcf6be1445ed50bfd4a451a7a782568f270197
https://git.kernel.org/stable/c/a3dff121a7f5104c4c2d47edaa2351837ef645dd
https://git.kernel.org/stable/c/ba307abed5e09759845c735ba036f8c12f55b209
https://git.kernel.org/stable/c/bcccdc947d2ca5972b1e92d0dea10803ddc08ceb
https://git.kernel.org/stable/c/f30c37cb4549baf8377434892d520fe7769bdba7