CVE-2024-21803

Published Jan 30, 2024

Last updated 3 months ago

CVSS low 3.5

Overview

Description: Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1.
Source: security@openanolis.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

security@openanolis.org: CWE-416
nvd@nist.gov: CWE-416

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC25B7BC-34C9-46EB-9742-6D0806CE464B",
            "versionEndExcluding": "6.8",
            "versionStartIncluding": "2.6.12.1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References