Buffer Restriction Flaw in BlueZ Affects Linux Kernel Implementations
CVE-2020-24490

6.5MEDIUM

Key Information:

Vendor: Bluez
Status: Bluez Advisory
Vendor: CVE Published:; 2 February 2021

Summary

Improper buffer restrictions in BlueZ can potentially allow an unauthenticated user to trigger a denial of service condition via adjacent access. This vulnerability impacts all Linux kernel versions that utilize BlueZ, making systems susceptible to disruptions in service.

Affected Version(s)

BlueZ Advisory all Linux kernel versions that support BlueZ

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 2, 2021
Vulnerability Reserved
Aug 19, 2020