CVE-2024-51569

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9
https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs
http://www.openwall.com/lists/oss-security/2024/11/26/5

Configurations

No configuration.

History

06 Dec 2024, 11:15

Type	Values Removed	Values Added
References		() https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9 -
Summary		(es) Vulnerabilidad de lectura fuera de los límites en Apache NimBLE. La falta de una validación adecuada de la cantidad de paquetes completados de HCI podría provocar un acceso fuera de los límites al analizar un evento de HCI y una lectura no válida de la memoria de transporte de HCI. Este problema requiere un controlador Bluetooth dañado o falso y, por lo tanto, se considera de baja gravedad. Este problema afecta a Apache NimBLE: hasta la versión 1.7.0. Se recomienda a los usuarios que actualicen a la versión 1.8.0, que soluciona el problema.

26 Nov 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-26 12:15

Updated : 2024-12-06 11:15

NVD link : CVE-2024-51569

Mitre link : CVE-2024-51569

CVE.ORG link : CVE-2024-51569

JSON object : View

Products Affected

No product.

CWE

CWE-125

Out-of-bounds Read

7.5 /10