CVE-2024-51569

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9	Patch
https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs	Vendor Advisory
http://www.openwall.com/lists/oss-security/2024/11/26/5	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:nimble:*:*:*:*:*:*:*:*

History

08 Jul 2025, 14:15

Type	Values Removed	Values Added
References	~~() https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9 -~~	() https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9 - Patch
References	~~() https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs -~~	() https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs - Vendor Advisory
References	~~() http://www.openwall.com/lists/oss-security/2024/11/26/5 -~~	() http://www.openwall.com/lists/oss-security/2024/11/26/5 - Mailing List, Vendor Advisory
First Time		Apache nimble Apache
CPE		cpe:2.3:a:apache:nimble::::::::

06 Dec 2024, 11:15

Type	Values Removed	Values Added
References		() https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9 -

Information

Published : 2024-11-26 12:15

Updated : 2025-07-08 14:15

NVD link : CVE-2024-51569

Mitre link : CVE-2024-51569

CVE.ORG link : CVE-2024-51569

JSON object : View

Products Affected

apache

nimble

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2024-51569", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-11-26T12:15:21.113", "references": [{"url": "https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9", "tags": ["Patch"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs", "tags": ["Vendor Advisory"], "source": "security@apache.org"}, {"url": "http://www.openwall.com/lists/oss-security/2024/11/26/5", "tags": ["Mailing List", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "Out-of-bounds Read vulnerability in Apache NimBLE.\n\nMissing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory.\nThis issue requires broken or bogus Bluetooth controller and thus severity is considered low.\nThis issue affects Apache NimBLE: through 1.7.0.\n\n\nUsers are recommended to upgrade to version 1.8.0, which fixes the issue."}, {"lang": "es", "value": "Vulnerabilidad de lectura fuera de los l\u00edmites en Apache NimBLE. La falta de una validaci\u00f3n adecuada de la cantidad de paquetes completados de HCI podr\u00eda provocar un acceso fuera de los l\u00edmites al analizar un evento de HCI y una lectura no v\u00e1lida de la memoria de transporte de HCI. Este problema requiere un controlador Bluetooth da\u00f1ado o falso y, por lo tanto, se considera de baja gravedad. Este problema afecta a Apache NimBLE: hasta la versi\u00f3n 1.7.0. Se recomienda a los usuarios que actualicen a la versi\u00f3n 1.8.0, que soluciona el problema."}], "lastModified": "2025-07-08T14:15:47.453", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:nimble:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71BB8957-7DC2-4E02-B560-1526E9758F46", "versionEndExcluding": "1.8.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}