HIGH🇬🇧 English

CVE-2024-24746

CVSS 7.5v3.1pub. 2024-04-06upd. 2025-06-17

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE.  Specially crafted GATT operation can cause infinite loop in GATT server leading to denial of service in Bluetooth stack or device. This issue affects Apache NimBLE: through 1.6.0. Users are recommended to upgrade to version 1.7.0, which fixes the issue.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Apache Nimble

    APP
    Apache
    < 1.7.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2025-62235HIGH8.1ten sam produkt

Authentication Bypass by Spoofing vulnerability in Apache NimBLE. Receiving specially crafted Security Reques...

CVE-2025-52435HIGH7.5ten sam produkt

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling...

CVE-2025-53477HIGH7.5ten sam produkt

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI...

CVE-2024-51569HIGH7.5ten sam produkt

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packe...

CVE-2024-47248MEDIUM6.3ten sam produkt

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Apache NimBLE. Specia...