CVE-2024-47249

5.0 MEDIUM

📋 TL;DR

Apache NimBLE versions through 1.7.0 have an improper array index validation vulnerability in HCI event handling that could allow memory corruption and crashes. Exploitation requires a malicious or malfunctioning Bluetooth controller. The vulnerability affects systems using the Apache NimBLE Bluetooth stack.

💻 Affected Systems

Products:
  • Apache NimBLE
Versions: through 1.7.0
Operating Systems: Any OS running Apache NimBLE
Default Config Vulnerable: ⚠️ Yes
Notes: Only exploitable with malicious or broken Bluetooth controller hardware.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution or denial of service through memory corruption leading to system compromise.

🟠 Likely Case

Application crash or denial of service due to memory corruption from malformed Bluetooth packets.

🟢 If Mitigated

No impact if using a patched version or proper Bluetooth controller validation.

🌐 Internet-Facing: LOW - Requires Bluetooth proximity and malicious controller, not internet exposure.
🏢 Internal Only: LOW - Requires physical proximity or compromised Bluetooth controller within range.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Requires specialized Bluetooth controller hardware or firmware modification to send malformed HCI events.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.8.0

Vendor Advisory: https://lists.apache.org/thread/7ckxw6481dp68ons627pjcb27c75n0mq

Restart Required: Yes

Instructions:

1. Download Apache NimBLE 1.8.0 from the official repository.
2. Replace the existing NimBLE installation with version 1.8.0.
3. Rebuild and redeploy applications using NimBLE.
4. Restart affected services or devices.

🔧 Temporary Workarounds

Disable Bluetooth or NimBLE (platform: linux)

Temporarily disable Bluetooth functionality or the NimBLE stack if it is not required:

  systemctl stop bluetooth
  killall nimble-host

Network segmentation (platform: all)

Isolate Bluetooth devices on separate network segments.

🧯 If You Can't Patch

  • Implement Bluetooth device whitelisting to only allow trusted controllers
  • Monitor for abnormal Bluetooth traffic and crashes in NimBLE applications

🔍 How to Verify

Check if Vulnerable:

Check the NimBLE version, e.g. grep -r 'NIMBLE_VERSION' /path/to/nimble/source, or query your package manager.

Check Version:

  grep 'NIMBLE_VERSION' /usr/include/nimble/nimble_version.h 2>/dev/null || find / -name '*nimble*version*' -type f 2>/dev/null | xargs grep -l 'VERSION'

Verify Fix Applied:

Verify that the version is 1.8.0 or higher and that commit f39330866a85fa4de49246e9d21334bc8d14f0a1 is present.
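As an added example (not from the advisory or the NimBLE project), a POSIX shell check that extracts NIMBLE_VERSION from a header in the quoted-string form the advisory's grep assumes and compares it numerically against 1.8.0, so that 1.10.0 is not misread as older than 1.8.0. The header path and the macro form are assumptions; NimBLE is usually compiled into firmware, so on embedded targets point it at the source tree you build from.

```shell
# Added example: is an installed NimBLE at or above the fixed release 1.8.0?
FIXED_VERSION="1.8.0"

# nimble_version_fixed VERSION -> exit 0 if VERSION >= 1.8.0, 1 otherwise.
# Compares major.minor.patch numerically; plain string comparison would
# rank "1.10.0" below "1.8.0".
nimble_version_fixed() {
    v="$1"
    # drop a leading 'v' and any suffix after the numeric part ("1.8.0-rc1")
    v=$(printf '%s' "$v" | sed 's/^v//; s/[^0-9.].*$//')
    set -- $(printf '%s' "$v" | tr '.' ' ')
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    set -- $(printf '%s' "$FIXED_VERSION" | tr '.' ' ')
    fmajor=$1; fminor=$2; fpatch=$3
    [ "$major" -gt "$fmajor" ] && return 0
    [ "$major" -lt "$fmajor" ] && return 1
    [ "$minor" -gt "$fminor" ] && return 0
    [ "$minor" -lt "$fminor" ] && return 1
    [ "$patch" -ge "$fpatch" ]
}

# nimble_header_version FILE -> prints the value of a line such as
#   #define NIMBLE_VERSION "1.7.0"
# (assumed macro form; adjust the pattern to your build's header).
nimble_header_version() {
    sed -n 's/.*NIMBLE_VERSION[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# check_nimble_header [FILE] -> 0 fixed, 1 affected, 2 version not found.
# The default path is the one the advisory's grep uses (an assumption).
check_nimble_header() {
    hdr="${1:-/usr/include/nimble/nimble_version.h}"
    ver=$(nimble_header_version "$hdr" 2>/dev/null)
    if [ -z "$ver" ]; then
        echo "no NIMBLE_VERSION found in $hdr"; return 2
    fi
    if nimble_version_fixed "$ver"; then
        echo "NimBLE $ver: 1.8.0 or later, CVE-2024-47249 fixed"
    else
        echo "NimBLE $ver: below 1.8.0, affected by CVE-2024-47249"; return 1
    fi
}
```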

📡 Detection & Monitoring

Log Indicators:

  • NimBLE crash logs
  • Bluetooth stack errors
  • Memory corruption warnings in system logs

Network Indicators:

  • Unusual Bluetooth HCI event patterns
  • Malformed Bluetooth packets

SIEM Query:

source="*nimble*" AND ("crash" OR "segfault" OR "memory corruption")
