CVE-2024-43884

Summary

CVE-2024-43884 identifies a vulnerability in the Linux kernel related to Bluetooth management, specifically in the pair_device() function, where a NULL pointer dereference could lead to crashes. This issue affects various Linux-based products that utilize Bluetooth features. The vulnerability has been resolved by implementing error handling to prevent the NULL dereference. Organizations using affected products are advised to update their systems with the latest patches to mitigate potential risks, as the vulnerability poses a medium-level security threat with high availability impact and low complexity for exploitation. The reported exploitability score is 1.8, indicating a relatively low likelihood of exploitation under normal conditions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.