{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26889", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.186Z", "datePublished": "2024-04-17T10:27:42.814Z", "dateUpdated": "2024-11-05T09:17:40.574Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:17:40.574Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix possible buffer overflow\n\nstruct hci_dev_info has a fixed size name[8] field so in the event that\nhdev->name is bigger than that strcpy would attempt to write past its\nsize, so this fixes this problem by switching to use strscpy."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/bluetooth/hci_core.c"], "versions": [{"version": "194ab82c1ea1", "lessThan": "6d5a9d4a7bcb", "status": "affected", "versionType": "git"}, {"version": "b48595f5b1c6", "lessThan": "54a03e4ac1a4", "status": "affected", "versionType": "git"}, {"version": "ffb060b136dd", "lessThan": "d47e6c1932ce", "status": "affected", "versionType": "git"}, {"version": "bbec1724519e", "lessThan": "2e845867b4e2", "status": "affected", "versionType": "git"}, {"version": "a55d53ad5c86", "lessThan": "68644bf5ec6b", "status": "affected", "versionType": "git"}, {"version": "dcda165706b9", "lessThan": "a41c8efe659c", "status": "affected", "versionType": "git"}, {"version": "dcda165706b9", "lessThan": "8c28598a2c29", "status": "affected", "versionType": "git"}, {"version": "dcda165706b9", "lessThan": "2edce8e9a99d", "status": "affected", "versionType": "git"}, {"version": "dcda165706b9", "lessThan": "81137162bfaa", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/bluetooth/hci_core.c"], "versions": [{"version": "6.6", "status": "affected"}, {"version": "0", "lessThan": "6.6", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.311", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.273", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac"}, {"url": "https://git.kernel.org/stable/c/54a03e4ac1a41edf8a5087bd59f8241b0de96d3d"}, {"url": "https://git.kernel.org/stable/c/d47e6c1932cee02954ea588c9f09fd5ecefeadfc"}, {"url": "https://git.kernel.org/stable/c/2e845867b4e279eff0a19ade253390470e07e8a1"}, {"url": "https://git.kernel.org/stable/c/68644bf5ec6baaff40fc39b3529c874bfda709bd"}, {"url": "https://git.kernel.org/stable/c/a41c8efe659caed0e21422876bbb6b73c15b5244"}, {"url": "https://git.kernel.org/stable/c/8c28598a2c29201d2ba7fc37539a7d41c264fb10"}, {"url": "https://git.kernel.org/stable/c/2edce8e9a99dd5e4404259d52e754fdc97fb42c2"}, {"url": "https://git.kernel.org/stable/c/81137162bfaa7278785b24c1fd2e9e74f082e8e4"}], "title": "Bluetooth: hci_core: Fix possible buffer overflow", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.187Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/54a03e4ac1a41edf8a5087bd59f8241b0de96d3d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d47e6c1932cee02954ea588c9f09fd5ecefeadfc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2e845867b4e279eff0a19ade253390470e07e8a1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/68644bf5ec6baaff40fc39b3529c874bfda709bd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a41c8efe659caed0e21422876bbb6b73c15b5244", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8c28598a2c29201d2ba7fc37539a7d41c264fb10", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2edce8e9a99dd5e4404259d52e754fdc97fb42c2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/81137162bfaa7278785b24c1fd2e9e74f082e8e4", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-08T17:58:55.908261Z", "id": "CVE-2024-26889", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-31T15:54:49.948Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/54a03e4ac1a41edf8a5087bd59f8241b0de96d3d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d47e6c1932cee02954ea588c9f09fd5ecefeadfc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2e845867b4e279eff0a19ade253390470e07e8a1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/68644bf5ec6baaff40fc39b3529c874bfda709bd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a41c8efe659caed0e21422876bbb6b73c15b5244", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8c28598a2c29201d2ba7fc37539a7d41c264fb10", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2edce8e9a99dd5e4404259d52e754fdc97fb42c2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/81137162bfaa7278785b24c1fd2e9e74f082e8e4", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:21:05.187Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-26889", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-08T17:58:55.908261Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-25T17:56:07.355Z"}}], "cna": {"title": "Bluetooth: hci_core: Fix possible buffer overflow", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "194ab82c1ea1", "lessThan": "6d5a9d4a7bcb", "versionType": "git"}, {"status": "affected", "version": "b48595f5b1c6", "lessThan": "54a03e4ac1a4", "versionType": "git"}, {"status": "affected", "version": "ffb060b136dd", "lessThan": "d47e6c1932ce", "versionType": "git"}, {"status": "affected", "version": "bbec1724519e", "lessThan": "2e845867b4e2", "versionType": "git"}, {"status": "affected", "version": "a55d53ad5c86", "lessThan": "68644bf5ec6b", "versionType": "git"}, {"status": "affected", "version": "dcda165706b9", "lessThan": "a41c8efe659c", "versionType": "git"}, {"status": "affected", "version": "dcda165706b9", "lessThan": "8c28598a2c29", "versionType": "git"}, {"status": "affected", "version": "dcda165706b9", "lessThan": "2edce8e9a99d", "versionType": "git"}, {"status": "affected", "version": "dcda165706b9", "lessThan": "81137162bfaa", "versionType": "git"}], "programFiles": ["net/bluetooth/hci_core.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.6"}, {"status": "unaffected", "version": "0", "lessThan": "6.6", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.311", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.273", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/bluetooth/hci_core.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac"}, {"url": "https://git.kernel.org/stable/c/54a03e4ac1a41edf8a5087bd59f8241b0de96d3d"}, {"url": "https://git.kernel.org/stable/c/d47e6c1932cee02954ea588c9f09fd5ecefeadfc"}, {"url": "https://git.kernel.org/stable/c/2e845867b4e279eff0a19ade253390470e07e8a1"}, {"url": "https://git.kernel.org/stable/c/68644bf5ec6baaff40fc39b3529c874bfda709bd"}, {"url": "https://git.kernel.org/stable/c/a41c8efe659caed0e21422876bbb6b73c15b5244"}, {"url": "https://git.kernel.org/stable/c/8c28598a2c29201d2ba7fc37539a7d41c264fb10"}, {"url": "https://git.kernel.org/stable/c/2edce8e9a99dd5e4404259d52e754fdc97fb42c2"}, {"url": "https://git.kernel.org/stable/c/81137162bfaa7278785b24c1fd2e9e74f082e8e4"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix possible buffer overflow\n\nstruct hci_dev_info has a fixed size name[8] field so in the event that\nhdev->name is bigger than that strcpy would attempt to write past its\nsize, so this fixes this problem by switching to use strscpy."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:17:40.574Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26889", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:17:40.574Z", "dateReserved": "2024-02-19T14:20:24.186Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:27:42.814Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix possible buffer overflow\n\nstruct hci_dev_info has a fixed size name[8] field so in the event that\nhdev->name is bigger than that strcpy would attempt to write past its\nsize, so this fixes this problem by switching to use strscpy."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Bluetooth: hci_core: soluciona un posible desbordamiento del b\u00fafer struct hci_dev_info tiene un campo de nombre de tama\u00f1o fijo[8], por lo que en caso de que hdev->name sea mayor que strcpy intentar\u00eda escribir m\u00e1s all\u00e1 su tama\u00f1o, por lo que esto soluciona este problema cambiando al uso de strscpy."}], "id": "CVE-2024-26889", "lastModified": "2024-11-05T10:15:59.363", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-17T11:15:10.380", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2e845867b4e279eff0a19ade253390470e07e8a1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2edce8e9a99dd5e4404259d52e754fdc97fb42c2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/54a03e4ac1a41edf8a5087bd59f8241b0de96d3d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/68644bf5ec6baaff40fc39b3529c874bfda709bd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6d5a9d4a7bcbb7534ce45a18a52e7bd23e69d8ac"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/81137162bfaa7278785b24c1fd2e9e74f082e8e4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8c28598a2c29201d2ba7fc37539a7d41c264fb10"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a41c8efe659caed0e21422876bbb6b73c15b5244"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d47e6c1932cee02954ea588c9f09fd5ecefeadfc"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "kernel: Bluetooth: hci_core: Fix possible buffer overflow", "id": "2275672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275672"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-119", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nBluetooth: hci_core: Fix possible buffer overflow\nstruct hci_dev_info has a fixed size name[8] field so in the event that\nhdev->name is bigger than that strcpy would attempt to write past its\nsize, so this fixes this problem by switching to use strscpy.", "A buffer overflow flaw was found in struct hci_dev_info in the variable name[8] in the Linkkux Kernel. If an attacker crafts an exploit copying more than the size of the name[8], it results in a buffer overflow and a denial of service."], "name": "CVE-2024-26889", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26889\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26889\nhttps://lore.kernel.org/linux-cve-announce/2024041742-CVE-2024-26889-edfc@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 4.19.311, kernel 5.4.273, kernel 5.10.214, kernel 5.15.153, kernel 6.1.83, kernel 6.6.23, kernel 6.7.11, kernel 6.8.2, kernel 6.9-rc1"}