CVE-2024-22099 MEDIUM

CVE-2024-22099: NULL pointer deference in rfcomm_check_security in Linux kernel

Vendor Linux
Product Linux kernel
Weakness CWE-476
Published January 25, 2024
Last update May 12, 2026

CVSS base score

6.3/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

Key dates

02Disclosure timeline

January 25, 2024 CVE published
May 12, 2026 Record updated