CVE-2024-24984Improper Input Validation in Firmware-nonfree

CWE-20Improper Input Validation4 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
0.0%
top 86.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Firmware-nonfree
Timeline
PublishedNov 13

Description

Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Packages1 packages

debiandebian/firmware-nonfree< firmware-nonfree 20240610-1 (forky)

🔴Vulnerability Details

2
OSV
CVE-2024-24984: Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 232024-11-13
GHSA
GHSA-vpvv-6p83-mmw2: Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 232024-11-13

📋Vendor Advisories

1
Debian
CVE-2024-24984: firmware-nonfree - Improper input validation for some Intel(R) Wireless Bluetooth(R) products for W...2024