Buffer Restriction Flaw in BlueZ Affects Linux Kernel Implementations
CVE-2020-24490

6.5MEDIUM

Key Information:

Vendor: Bluez
Status: Bluez Advisory
Vendor: CVE Published:; 2 February 2021

What is CVE-2020-24490?

Improper buffer restrictions in BlueZ can potentially allow an unauthenticated user to trigger a denial of service condition via adjacent access. This vulnerability impacts all Linux kernel versions that utilize BlueZ, making systems susceptible to disruptions in service.

Affected Version(s)

BlueZ Advisory all Linux kernel versions that support BlueZ

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2021
Vulnerability Reserved
Aug 19, 2020

CVE-2020-24490 Data

JSON

Bluez

What is CVE-2020-24490?

Affected Version(s)

References

CVSS V3.1

Timeline