PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-24859 Linux CVE debrief

CVE-2024-24859 describes a race condition in the Linux kernel's Bluetooth networking code (net/bluetooth), specifically in sniff_{min,max}_interval_set(). The "sniff" here is Bluetooth's low-power sniff link mode, whose minimum and maximum intervals these setters configure; it is unrelated to packet capture. According to NVD, the race can trigger what the record calls a Bluetooth sniffing exception and may lead to denial of service. The CVE is publicly disclosed and mapped by NVD to CWE-362 (concurrent execution using a shared resource with improper synchronization, i.e. a race condition).

Vendor
Linux
Product
Linux kernel
CVSS
MEDIUM 4.6
CISA KEV
Not listed in stored evidence
Original CVE published
2024-02-05
Original CVE updated
2026-05-12
Advisory published
2024-02-05
Advisory updated
2026-05-12

Who should care

Linux kernel maintainers, Linux distribution security teams, and operators of systems that expose or rely on Bluetooth functionality should review this issue. It is most relevant where the affected kernel versions are in use and Bluetooth is enabled or reachable.

Technical summary

NVD describes a race condition in net/bluetooth sniff_{min,max}_interval_set() that can result in a Bluetooth sniffing exception. In the upstream tree these two functions are the setters behind the sniff_min_interval and sniff_max_interval debugfs attributes (net/bluetooth/hci_debugfs.c), which only root can write; that matches the high-privilege requirement in the published vector. The CVSS v3.1 vector is AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H: adjacent-network attack vector, high attack complexity, high privileges required, user interaction required, no confidentiality impact, low integrity impact, and high availability impact, so denial of service is the main concern. NVD lists affected Linux kernel ranges including versions up to 3.19.8, 6.0 through 6.7.2, and 6.8-rc1.

Defensive priority

Medium. The impact is primarily availability-related, and the exploitation conditions are constrained: the published CVSS vector requires high privileges, user interaction, and adjacent-network access. Prioritize where Bluetooth is enabled on exposed or business-critical Linux systems, and where untrusted users can obtain root or otherwise reach the affected kernel interface.

Recommended defensive actions

  • Identify Linux kernel builds that match the affected version ranges listed by NVD, including vendor backports in distribution kernels.
  • Apply the vendor- or distribution-provided kernel update that addresses the race condition once available.
  • Verify whether Bluetooth is enabled or required on the affected hosts and reduce exposure where it is not needed.
  • Monitor distribution security advisories and the linked issue-tracking references for backported fixes and package-specific remediation guidance.
  • After updating, confirm the running kernel package and reboot requirements have been satisfied.
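The first, third and fifth actions above can be scripted for fleet triage. The following is an added example written for this debrief, not code from the PatchSiren page or from the Linux project: it matches a kernel version string against the upstream ranges the debrief quotes from NVD and reports whether the Bluetooth stack is loaded on the running host. The debugfs path it probes (/sys/kernel/debug/bluetooth/hci*/sniff_min_interval) is where the upstream kernel exposes the attributes served by sniff_{min,max}_interval_set(); treat it as an assumption and confirm it on your own kernel. A range match is only a prompt to check the vendor package changelog, because distribution kernels backport fixes without changing the upstream version string.

```shell
#!/bin/sh
# CVE-2024-24859 triage helper (added example; not from the original page).
# Upstream ranges as the debrief quotes them from NVD:
#   <= 3.19.8, 6.0 .. 6.7.2, and 6.8-rc1.

# Compare two dotted version strings numerically; prints -1, 0 or 1.
# Anything after the first '-' ("-rc1", "-generic", "-amd64") is ignored.
vercmp() {
    a=${1%%-*}; b=${2%%-*}
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}
        [ "$x" -lt "$y" ] && { echo -1; return 0; }
        [ "$x" -gt "$y" ] && { echo 1; return 0; }
    done
    echo 0
}

# Returns 0 (true) when VERSION falls inside one of the NVD-listed upstream
# ranges, 1 otherwise. 6.8-rc1 is listed explicitly because stripping "-rc1"
# would turn it into 6.8, which lies outside the 6.0..6.7.2 range.
cve_2024_24859_in_nvd_range() {
    v=$1
    case $v in
        6.8-rc1|6.8.0-rc1) return 0 ;;   # "6.8.0-rc1" is how uname -r prints it
    esac
    if [ "$(vercmp "$v" 3.19.8)" -le 0 ]; then return 0; fi
    if [ "$(vercmp "$v" 6.0)" -ge 0 ] && [ "$(vercmp "$v" 6.7.2)" -le 0 ]; then
        return 0
    fi
    return 1
}

# Host-side exposure report: running kernel, Bluetooth module state, and the
# debugfs attributes behind sniff_{min,max}_interval_set(). Root-only write
# access to those attributes is what the PR:H in the CVSS vector reflects.
# Path assumption: debugfs mounted at /sys/kernel/debug.
bluetooth_exposure_report() {
    running=$(uname -r)
    if cve_2024_24859_in_nvd_range "$running"; then
        echo "kernel $running: inside an NVD-listed upstream range; check vendor backports"
    else
        echo "kernel $running: outside the NVD-listed upstream ranges; still confirm the vendor package"
    fi
    if [ -d /sys/module/bluetooth ] || grep -q '^bluetooth ' /proc/modules 2>/dev/null; then
        echo "bluetooth module: loaded"
    else
        echo "bluetooth module: not loaded"
    fi
    for f in /sys/kernel/debug/bluetooth/hci*/sniff_min_interval; do
        [ -e "$f" ] && echo "debugfs attribute present: $f"
    done
    if command -v rfkill >/dev/null 2>&1; then
        rfkill list bluetooth 2>/dev/null || true
    fi
    return 0
}

# Usage: sh triage.sh --report
if [ "${1:-}" = "--report" ]; then
    bluetooth_exposure_report
fi
```

After patching, run the report again: the kernel line should move out of the NVD range (or, for a backported fix, the vendor changelog should name CVE-2024-24859), and hosts that do not need Bluetooth should show the module as not loaded.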

Evidence notes

This debrief is based on the published CVE record and the NVD detail entry. NVD maps the issue to CWE-362 and publishes the CVSS v3.1 vector AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H with a base score of 4.6 (Medium). NVD's affected CPE criteria list linux_kernel versions up to 3.19.8, 6.0 through 6.7.2, and 6.8-rc1. NVD references an OpenAnolis Bugzilla issue and a Siemens CERT advisory as source material. Because distribution kernels backport fixes without changing the upstream version string, actual exposure should be validated against vendor package versions and changelogs rather than upstream version strings alone.

Official resources

CVE published on 2024-02-05; NVD record last modified on 2026-05-12. The issue is publicly documented in the CVE record and NVD entry.