CVE-2024-42133 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG hci_le_big_sync_established_evt is necessary to filter out cases where the handle value is belonging to ida id range, otherwise ida will be erroneously released in hci_conn_cleanup.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/015d79c96d62cd8a4a359fcf5be40d58088c936b
https://git.kernel.org/stable/c/38263088b845abeeeb98dda5b87c0de3063b6dbb
https://git.kernel.org/stable/c/dad0003ccc68457baf005a6ed75b4d321463fe3d
https://lore.kernel.org/linux-cve-announce/2024073028-CVE-2024-42133-07c4@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-42133
https://www.cve.org/CVERecord?id=CVE-2024-42133

History

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 27 Aug 2024 02:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-190
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 5.2, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-07-30T07:46:28.632Z

Updated: 2024-11-05T09:38:02.659Z

Reserved: 2024-07-29T15:50:41.186Z

Link: CVE-2024-42133

Vulnrichment

Updated: 2024-08-02T04:54:32.554Z

NVD

Status : Awaiting Analysis

Published: 2024-07-30T08:15:05.290

Modified: 2024-07-30T13:32:45.943

Link: CVE-2024-42133

Redhat

Severity : Moderate

Publid Date: 2024-07-30T00:00:00Z

Links: CVE-2024-42133 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42133", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-29T15:50:41.186Z", "datePublished": "2024-07-30T07:46:28.632Z", "dateUpdated": "2024-11-05T09:38:02.659Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:38:02.659Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Ignore too large handle values in BIG\n\nhci_le_big_sync_established_evt is necessary to filter out cases where the\nhandle value is belonging to ida id range, otherwise ida will be erroneously\nreleased in hci_conn_cleanup."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/bluetooth/hci_event.c"], "versions": [{"version": "84cb0143fb8a", "lessThan": "38263088b845", "status": "affected", "versionType": "git"}, {"version": "181a42edddf5", "lessThan": "dad0003ccc68", "status": "affected", "versionType": "git"}, {"version": "181a42edddf5", "lessThan": "015d79c96d62", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/bluetooth/hci_event.c"], "versions": [{"version": "6.7", "status": "affected"}, {"version": "0", "lessThan": "6.7", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.39", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.9", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/38263088b845abeeeb98dda5b87c0de3063b6dbb"}, {"url": "https://git.kernel.org/stable/c/dad0003ccc68457baf005a6ed75b4d321463fe3d"}, {"url": "https://git.kernel.org/stable/c/015d79c96d62cd8a4a359fcf5be40d58088c936b"}], "title": "Bluetooth: Ignore too large handle values in BIG", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.554Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/38263088b845abeeeb98dda5b87c0de3063b6dbb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dad0003ccc68457baf005a6ed75b4d321463fe3d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/015d79c96d62cd8a4a359fcf5be40d58088c936b", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42133", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:16:19.014130Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:36.283Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/38263088b845abeeeb98dda5b87c0de3063b6dbb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dad0003ccc68457baf005a6ed75b4d321463fe3d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/015d79c96d62cd8a4a359fcf5be40d58088c936b", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.554Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42133", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:16:19.014130Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:24.724Z"}}], "cna": {"title": "Bluetooth: Ignore too large handle values in BIG", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "84cb0143fb8a", "lessThan": "38263088b845", "versionType": "git"}, {"status": "affected", "version": "181a42edddf5", "lessThan": "dad0003ccc68", "versionType": "git"}, {"status": "affected", "version": "181a42edddf5", "lessThan": "015d79c96d62", "versionType": "git"}], "programFiles": ["net/bluetooth/hci_event.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.7"}, {"status": "unaffected", "version": "0", "lessThan": "6.7", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.39", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.9", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/bluetooth/hci_event.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/38263088b845abeeeb98dda5b87c0de3063b6dbb"}, {"url": "https://git.kernel.org/stable/c/dad0003ccc68457baf005a6ed75b4d321463fe3d"}, {"url": "https://git.kernel.org/stable/c/015d79c96d62cd8a4a359fcf5be40d58088c936b"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Ignore too large handle values in BIG\n\nhci_le_big_sync_established_evt is necessary to filter out cases where the\nhandle value is belonging to ida id range, otherwise ida will be erroneously\nreleased in hci_conn_cleanup."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-05T09:38:02.659Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42133", "state": "PUBLISHED", "dateUpdated": "2024-11-05T09:38:02.659Z", "dateReserved": "2024-07-29T15:50:41.186Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-30T07:46:28.632Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: Bluetooth: Ignore too large handle values in BIG", "id": "2301498", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301498"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nBluetooth: Ignore too large handle values in BIG\nhci_le_big_sync_established_evt is necessary to filter out cases where the\nhandle value is belonging to ida id range, otherwise ida will be erroneously\nreleased in hci_conn_cleanup."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42133", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42133\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42133\nhttps://lore.kernel.org/linux-cve-announce/2024073028-CVE-2024-42133-07c4@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 6.6.39, kernel 6.9.9, kernel 6.10"}