vulnerability

Red Hat: CVE-2024-56590: kernel: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (Multiple Advisories)

Name: Red Hat: CVE-2024-56590: kernel: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (Multiple Advisories)
Creator: Red Hat
Published: 2024-12-27T00:00:00.000Z
Keywords: CVE, CWE-120, Red Hat, 2024, 56590, kernel, redhat-upgrade-kernel, redhat-upgrade-kernel-rt, Severity 3

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:P/A:P)

Published

Dec 27, 2024

Added

May 15, 2025

Modified

Jun 12, 2026

Description

A use-after-free vulnerability was found in the Linux kernel. The Bluetooth firmware isn't checked if skb contains an ACL header, otherwise the code may attempt to access some uninitialized or invalid memory past the valid skb->data.

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

CWE-120
EUVD-EUVD-2024-53238
NVD-CVE-2024-56590
REDHAT-RHSA-2025:6966
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-53238

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report