Skip to main content

Ubuntu CVE-2024-11586

MEDIUM
Improper Resource Shutdown or Release (CWE-404)
2024-11-23 security@ubuntu.com
4.0
CVSS 3.1 · Vendor: ubuntu
Share

Severity by source

Vendor (ubuntu) PRIMARY
4.0 MEDIUM
AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H

Primary rating from Vendor (ubuntu) · only source for this CVE.

CVSS VectorVendor: ubuntu

CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 23, 2024 - 03:15 cve.org
MEDIUM 4.0

DescriptionCVE.org

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected.

AnalysisAI

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected. Rated medium severity (CVSS 4.0).

Technical ContextAI

This vulnerability is classified under CWE-404. Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected. Affected products include: Pulseaudio.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2024-11586 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy