How severe is CVE-2024-47250?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2024-47250?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2024-47250 - MEDIUM Severity | CVSS 5

Vulnerability Description

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI advertising report could lead to out-of-bound access when parsing HCI event and thus bogus GAP 'device found' events being sent. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue.

Related Vulnerabilities

CVE-2016-7917

MEDIUM

CVSS:5.0(Medium)

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain s...

CWE-1252016

CVE-2017-6437

MEDIUM

CVSS:5.0(Medium)

The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.

CWE-1252017

CVE-2018-19020

MEDIUM

CVSS:5.0(Medium)

When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array.

CWE-1252018

CVE-2019-2039

MEDIUM

CVSS:5.0(Medium)

In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges need...

CWE-1252019

CVE-2019-2040

MEDIUM

CVSS:5.0(Medium)

In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privilege...

CWE-1252019

CVE-2019-9235

MEDIUM

CVSS:5.0(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed...

CWE-1252019