{
  "threat_severity" : "Moderate",
  "public_date" : "2024-12-27T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet",
    "id" : "2334486",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2334486"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-1050",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nBluetooth: hci_core: Fix not checking skb length on hci_acldata_packet\nThis fixes not checking if skb really contains an ACL header otherwise\nthe code may attempt to access some uninitilized/invalid memory past the\nvalid skb->data.", "A use-after-free vulnerability was found in the Linux kernel. The Bluetooth firmware isn't checked if skb contains an ACL header, otherwise the code may attempt to access some uninitialized or invalid memory past the valid skb->data." ],
  "statement" : "This vulnerability, rated as moderate severity, involves a flaw in the Linux kernel's Bluetooth subsystem. A failure to validate the socket buffer's length before accessing ACL headers can lead to out-of-bounds memory access. This creates a risk of kernel memory corruption, potentially allowing attackers to corrupt kernel memory related to bluetooth networking, which might impact the functionality of connected devices. However, even in situations where an attacker had significant access to and information about a target system, our assessment indicates that the security features of the kernel would prevent a compromise of confidentiality or the ability to escalate their privileges.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-56590\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-56590\nhttps://lore.kernel.org/linux-cve-announce/2024122759-CVE-2024-56590-d4ba@gregkh/T" ],
  "name" : "CVE-2024-56590",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}