CVE-2024-21803

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 30, 2024

Updated: Feb 8, 2024

CWE ID 416

Summary

CVE-2024-21803 is a Use After Free vulnerability impacting the Linux kernel on x86 and ARM architectures, specifically in the bluetooth modules. This issue allows a local attacker to execute arbitrary code. The affected files are located in the cloud-kernel repository at <https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C>. This vulnerability affects Linux kernel versions from 2.6.12-rc2 to before 6.8-rc1.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uJqEW9
https://www.cve.org/CVERecord?id=CVE-2024-21803
https://nvd.nist.gov/vuln/detail/CVE-2024-21803

Back to Vulnerability Database

CVE-2024-21803

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations