CVE-2024-53144 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always request user confirmation with confirm_hint set since the likes of bluetoothd have dedicated policy around JUST_WORKS method (e.g. main.conf:JustWorksRepairing). CVE: CVE-2024-8805

PUBLISHED Reserved 2024-11-19 | Published 2024-12-17 | Updated 2025-11-03 | Assigner Linux

Product status

Default status

unaffected

ba15a58b179ed76a7e887177f2b06de12c58ec8f (git) before baaa50c6f91ea5a9c7503af51f2bc50e6568b66b

affected

ba15a58b179ed76a7e887177f2b06de12c58ec8f (git) before 22b49d6e4f399a390c70f3034f5fbacbb9413858

affected

ba15a58b179ed76a7e887177f2b06de12c58ec8f (git) before d17c631ba04e960eb6f8728b10d585de20ac4f71

affected

ba15a58b179ed76a7e887177f2b06de12c58ec8f (git) before 830c03e58beb70b99349760f822e505ecb4eeb7e

affected

ba15a58b179ed76a7e887177f2b06de12c58ec8f (git) before ad7adfb95f64a761e4784381e47bee1a362eb30d

affected

ba15a58b179ed76a7e887177f2b06de12c58ec8f (git) before 5291ff856d2c5177b4fe9c18828312be30213193

affected

ba15a58b179ed76a7e887177f2b06de12c58ec8f (git) before b25e11f978b63cb7857890edb3a698599cddb10e

affected

373d1dfcffc63c68184419264a7eaed422c7958e (git)

affected

bc96ff59b2f19e924d9e15e24cee19723d674b92 (git)

affected

6ab84785311dc4d0348e6bd4e1c491293b770b98 (git)

affected

778763287ded64dd5c022435d3e0e3182f148a64 (git)

affected

9a5fcacabde0fe11456f4a1e88072c01846cea25 (git)

affected

039da39a616103ec7ab8ac351bfb317854e5507c (git)

affected

Default status

affected

3.16

affected

Any version before 3.16

unaffected

5.10.236 (semver)

unaffected

5.15.180 (semver)

unaffected

6.1.113 (semver)

unaffected

6.6.55 (semver)

unaffected

6.10.14 (semver)

unaffected

6.11.3 (semver)

unaffected

6.12 (original_commit_for_fix)

unaffected

References

lists.debian.org/debian-lts-announce/2025/05/msg00030.html

lists.debian.org/debian-lts-announce/2025/01/msg00001.html

git.kernel.org/...c/baaa50c6f91ea5a9c7503af51f2bc50e6568b66b

git.kernel.org/...c/22b49d6e4f399a390c70f3034f5fbacbb9413858

git.kernel.org/...c/d17c631ba04e960eb6f8728b10d585de20ac4f71

git.kernel.org/...c/830c03e58beb70b99349760f822e505ecb4eeb7e

git.kernel.org/...c/ad7adfb95f64a761e4784381e47bee1a362eb30d

git.kernel.org/...c/5291ff856d2c5177b4fe9c18828312be30213193

git.kernel.org/...c/b25e11f978b63cb7857890edb3a698599cddb10e

www.zerodayinitiative.com/advisories/ZDI-24-1229/

cve.org (CVE-2024-53144)

nvd.nist.gov (CVE-2024-53144)

Download JSON

help @ threatint.eu