Home > Vulnerability Database > CVE-2024-24746

Mend.io Vulnerability Database

CVE-2024-24746

Good to know:

Date: April 6, 2024

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE. Specially crafted GATT operation can cause infinite loop in GATT server leading to denial of service in Bluetooth stack or device. This issue affects Apache NimBLE: through 1.6.0. Users are recommended to upgrade to version 1.7.0, which fixes the issue.

Language: C

Severity Score

7.5

Related Resources (5)

Url: http://www.openwall.com/lists/oss-security/2024/04/05/2

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-24746

Url: https://github.com/apache/mynewt-nimble/commit/d42a0ebe6632bd0c318560e4293a522634f60594

Url: https://lists.apache.org/thread/bptkzc0o2ymjk8qqzqdmy39kcmh27078

Url: https://www.mend.io/vulnerability-database/CVE-2024-24746

Severity Score

7.5

Weakness Type (CWE)

Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-835

Top Fix

Upgrade Version

Upgrade to version nimble_1_7_0_tag

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-24746

Good to know:

Date: April 6, 2024

Language: C

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?