CVE-2024-53144

Published Dec 17, 2024

Last updated 6 months ago

CVSS medium 5.5

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always request user confirmation with confirm_hint set since the likes of bluetoothd have dedicated policy around JUST_WORKS method (e.g. main.conf:JustWorksRepairing). CVE: CVE-2024-8805
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Modified
Products: linux_kernel

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "F6EFD13C-6D95-47F0-8F9C-53DD06130790",
            "versionEndExcluding": "3.3",
            "versionStartIncluding": "3.2.61",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9CD2D84B-B854-491C-B61F-EDDA1566AF3A",
            "versionEndExcluding": "3.5",
            "versionStartIncluding": "3.4.98",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "AEFBF6E4-EDFE-4B47-83FA-927218F54577",
            "versionEndExcluding": "3.11",
            "versionStartIncluding": "3.10.48",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "A33F5FD8-266F-4755-BC57-5E0051E80026",
            "versionEndExcluding": "3.13",
            "versionStartIncluding": "3.12.25",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "B992D2D7-0887-4342-A6FA-EACD23F3D869",
            "versionEndExcluding": "3.15",
            "versionStartIncluding": "3.14.12",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "7AB7F235-CA17-4469-8F49-E61F880EF22E",
            "versionEndExcluding": "3.16",
            "versionStartIncluding": "3.15.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "969C4BBD-B3DA-4602-8BC7-D16FA90776F6",
            "versionEndExcluding": "5.10.236",
            "versionStartIncluding": "3.16.1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D19801C8-3D18-405D-9989-E6C9B30255FA",
            "versionEndExcluding": "5.15.180",
            "versionStartIncluding": "5.11",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D01BD22E-ACD1-4618-9D01-6116570BE1EE",
            "versionEndExcluding": "6.1.113",
            "versionStartIncluding": "5.16",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "E90B9576-56C4-47BC-AAB0-C5B2D438F5D0",
            "versionEndExcluding": "6.6.55",
            "versionStartIncluding": "6.2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "4C16BCE0-FFA0-4599-BE0A-1FD65101C021",
            "versionEndExcluding": "6.10.14",
            "versionStartIncluding": "6.7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "54D9C704-D679-41A7-9C40-10A6B1E7FFE9",
            "versionEndExcluding": "6.11.3",
            "versionStartIncluding": "6.11",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.16:-:*:*:*:*:*:*",
            "matchCriteriaId": "18374217-75DB-4E06-8293-8AAC0FD9D6C2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.16:rc3:*:*:*:*:*:*",
            "matchCriteriaId": "00980113-0C5C-44CF-B912-5A45F1618260",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.16:rc4:*:*:*:*:*:*",
            "matchCriteriaId": "9BBC595E-C5BC-4F00-8225-DF0A63C245CA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.16:rc5:*:*:*:*:*:*",
            "matchCriteriaId": "B7B44985-192D-4FF6-9E98-793433D6343F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.16:rc6:*:*:*:*:*:*",
            "matchCriteriaId": "8189E203-92F1-4AF9-A3B5-F97746EBB8EF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:3.16:rc7:*:*:*:*:*:*",
            "matchCriteriaId": "AFC935DE-1793-40AC-BE91-C89CB827985D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References