CVE-2020-24490

medium

Description

Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.

References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html

Details

Source: MITRE

Published: 2021-02-02

Updated: 2021-07-21

Type: CWE-119

Risk Information

CVSS v2

Base Score: 3.3

Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM