CVE-2024-53144

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE

This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always request user confirmation with confirm_hint set since the likes of bluetoothd have dedicated policy around JUST_WORKS method (e.g. main.conf:JustWorksRepairing).

CVE: CVE-2024-8805

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxba15a58b179ed76a7e887177f2b06de12c58ec8f < baaa50c6f91ea5a9c7503af51f2bc50e6568b66baffected
LinuxLinuxba15a58b179ed76a7e887177f2b06de12c58ec8f < 22b49d6e4f399a390c70f3034f5fbacbb9413858affected
LinuxLinuxba15a58b179ed76a7e887177f2b06de12c58ec8f < d17c631ba04e960eb6f8728b10d585de20ac4f71affected
LinuxLinuxba15a58b179ed76a7e887177f2b06de12c58ec8f < 830c03e58beb70b99349760f822e505ecb4eeb7eaffected
LinuxLinuxba15a58b179ed76a7e887177f2b06de12c58ec8f < ad7adfb95f64a761e4784381e47bee1a362eb30daffected
LinuxLinuxba15a58b179ed76a7e887177f2b06de12c58ec8f < 5291ff856d2c5177b4fe9c18828312be30213193affected
LinuxLinuxba15a58b179ed76a7e887177f2b06de12c58ec8f < b25e11f978b63cb7857890edb3a698599cddb10eaffected
LinuxLinux373d1dfcffc63c68184419264a7eaed422c7958eaffected
LinuxLinuxbc96ff59b2f19e924d9e15e24cee19723d674b92affected
LinuxLinux6ab84785311dc4d0348e6bd4e1c491293b770b98affected
LinuxLinux778763287ded64dd5c022435d3e0e3182f148a64affected
LinuxLinux9a5fcacabde0fe11456f4a1e88072c01846cea25affected
LinuxLinux039da39a616103ec7ab8ac351bfb317854e5507caffected
LinuxLinux3.2.61 < 3.3affected
LinuxLinux3.4.98 < 3.5affected
LinuxLinux3.10.48 < 3.11affected
LinuxLinux3.12.25 < 3.13affected
LinuxLinux3.14.12 < 3.15affected
LinuxLinux3.15.5 < 3.16affected
LinuxLinux3.16affected
LinuxLinux0 < 3.16unaffected
LinuxLinux5.10.236 <= 5.10.*unaffected
LinuxLinux5.15.180 <= 5.15.*unaffected
LinuxLinux6.1.113 <= 6.1.*unaffected
LinuxLinux6.6.55 <= 6.6.*unaffected
LinuxLinux6.10.14 <= 6.10.*unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References