SB20240711147 - Use of obsolete function i nLinux kernel Bluetooth
Published: July 11, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240711147
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use of obsolete function (CVE-ID: CVE-2024-38620)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to kernel contains obsolete support for HCI_AMP. A local user can abuse such support, which can lead to potential security issues.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/5af2e235b0d5b797e9531a00c50058319130e156
- https://git.kernel.org/stable/c/d3c7b012d912b31ad23b9349c0e499d6dddd48ec
- https://git.kernel.org/stable/c/af1d425b6dc67cd67809f835dd7afb6be4d43e03
- https://git.kernel.org/stable/c/84a4bb6548a29326564f0e659fb8064503ecc1c7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.12