7.8
CVE-2024-36880
- EPSS 0.25%
- Veröffentlicht 30.05.2024 16:15:11
- Zuletzt bearbeitet 30.09.2025 17:46:25
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
Bluetooth: qca: add missing firmware sanity checks
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing sanity checks when parsing the firmware files before downloading them to avoid accessing and corrupting memory beyond the vmalloced buffer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.3 < 5.15.159
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.91
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.31
Linux ≫ Linux Kernel Version >= 6.7 < 6.8.10
Linux ≫ Linux Kernel Version6.9 Updaterc1
Linux ≫ Linux Kernel Version6.9 Updaterc2
Linux ≫ Linux Kernel Version6.9 Updaterc3
Linux ≫ Linux Kernel Version6.9 Updaterc4
Linux ≫ Linux Kernel Version6.9 Updaterc5
Linux ≫ Linux Kernel Version6.9 Updaterc6
Linux ≫ Linux Kernel Version6.9 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.158 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
https://git.kernel.org/stable/c/02f05ed44b71152d5e11d29be28aed91c0489b4e
https://git.kernel.org/stable/c/1caceadfb50432dbf6d808796cb6c34ebb6d662c
https://git.kernel.org/stable/c/2e4edfa1e2bd821a317e7d006517dcf2f3fac68d
https://git.kernel.org/stable/c/427281f9498ed614f9aabc80e46ec077c487da6d
https://git.kernel.org/stable/c/ed53949cc92e28aaa3463d246942bda1fbb7f307