CVE-2024-24984

NameCVE-2024-24984
DescriptionImproper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
firmware-nonfree (PTS)jessie/non-free20190114+really20220913-0+deb8u3vulnerable
jessie/non-free (lts)20190114+really20220913-0+deb8u1vulnerable
stretch/non-free20190114+really20220913-0+deb9u3vulnerable
stretch/non-free (security)20190114-2~deb9u1vulnerable
stretch/non-free (lts)20190114+really20220913-0+deb9u1vulnerable
buster/non-free20190114+really20220913-0+deb10u3vulnerable
buster/non-free (security)20190114+really20220913-0+deb10u2vulnerable
bullseye/non-free20210315-3vulnerable
bookworm/non-free-firmware20230210-5vulnerable
trixie/non-free-firmware20240909-2fixed
sid/non-free-firmware20241210-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firmware-nonfreesource(unstable)20240610-1

Notes

[bookworm] - firmware-nonfree <ignored> (Minor issue; upstream commits not fully confirmed by Intel)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01108.html
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=0c0898b4e0a4c1a46ae01fb42bf39f1cb0dab770
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=b3d445a98ebd6779d921a152349844c3e7b86bf8
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=02ad85a367efdac04e2a33d4f287b689906cb2cd
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=2986e19030e01d9032a62f488e610a210d30ce0b
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=ded56705e80b1f5ad10650cd9196717ba71cbe17
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=2f1461dd48dedd2f3704860e2c045625bbb43a3a
In referenced commits firmware get updated fo release version at last 23.40.0.2.

Search for package or bug name: Reporting problems