Vulnerabilities > CVE-2024-24860 - NULL Pointer Dereference vulnerability in Linux Kernel

047910
CVSS 5.3 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
high complexity
linux
CWE-476

Summary

A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

Vulnerable Configurations

Part Description Count
OS
Linux
4832

Common Weakness Enumeration (CWE)