CVE-2024-51569

7.5 HIGH

📋 TL;DR

This CVE describes an out-of-bounds read vulnerability in Apache NimBLE's Bluetooth stack. It allows reading beyond allocated memory boundaries when processing HCI events from a malicious or faulty Bluetooth controller. This affects all Apache NimBLE users through version 1.7.0.

💻 Affected Systems

Products:
  • Apache NimBLE
Versions: through 1.7.0
Operating Systems: All operating systems using Apache NimBLE
Default Config Vulnerable: ⚠️ Yes
Notes: Requires interaction with a malicious or broken Bluetooth controller to trigger the vulnerability.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Information disclosure through the out-of-bounds memory read, potential denial of service, or remote code execution if combined with other vulnerabilities.

🟠 Likely Case: Application crash or denial of service due to invalid memory access.

🟢 If Mitigated: Minimal impact, given the requirement for a malicious Bluetooth controller and the low severity rating.

🌐 Internet-Facing: LOW - Requires physical proximity or Bluetooth pairing with malicious device.
🏢 Internal Only: LOW - Requires compromised or malicious Bluetooth hardware in local environment.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires a malicious Bluetooth controller or ability to spoof one, which adds complexity.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.8.0

Vendor Advisory: https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs

Restart Required: Yes

Instructions:

1. Download Apache NimBLE version 1.8.0 or later from official sources.
2. Replace the existing NimBLE installation with the patched version.
3. Rebuild and redeploy any applications using NimBLE.
4. Restart affected services or devices.

🔧 Temporary Workarounds

Disable Bluetooth or restrict pairing (Linux)

Disable Bluetooth functionality or restrict pairing to trusted devices only. Note that systemctl disable only prevents the service from starting at the next boot, while bluetoothctl power off turns the adapter off immediately:

systemctl disable bluetooth
bluetoothctl -- power off

🧯 If You Can't Patch

  • Disable Bluetooth functionality entirely on affected systems
  • Implement network segmentation to isolate Bluetooth-enabled devices from critical systems

🔍 How to Verify

Check if Vulnerable:

Check the NimBLE version: run grep -r 'NIMBLE_VERSION' over the source tree, or query the package manager for the installed version.

Check Version:

grep NIMBLE_VERSION_STRING /path/to/nimble/include/nimble/version.h

Verify Fix Applied:

Verify that the version is 1.8.0 or higher: run nimble --version, or check the version defines in the source code.
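As an added example (not part of the advisory or of the NimBLE project), the verification step above as a small POSIX shell script: it reads NIMBLE_VERSION_STRING out of a version.h and compares it component-wise against the fixed release 1.8.0. The header path and the define name are the ones the advisory's own check cites; whether your NimBLE checkout carries that exact define is an assumption to confirm against your tree, and the two sample headers the script writes are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the advisory or the NimBLE project): check a NimBLE
# version header against the fixed release 1.8.0 for CVE-2024-51569.
# The header path and the NIMBLE_VERSION_STRING define come from the advisory's
# verification step; confirm the define exists in your checkout (assumption).

FIXED_VERSION="1.8.0"

# Print the quoted value of NIMBLE_VERSION_STRING from the header at $1 (empty if absent).
nimble_version_from_header() {
    sed -n 's/^#define[[:space:]]*NIMBLE_VERSION_STRING[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Return 0 if dotted version $1 >= $2, comparing numeric components left to right;
# a missing component counts as 0 and suffixes such as "-rc1" are ignored.
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}; bi=${b%%.*}
        ai=${ai%%[!0-9]*}; bi=${bi%%[!0-9]*}
        [ -n "$ai" ] || ai=0
        [ -n "$bi" ] || bi=0
        if [ "$ai" -gt "$bi" ]; then return 0; fi
        if [ "$ai" -lt "$bi" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a="" ;; esac
        case $b in *.*) b=${b#*.} ;; *) b="" ;; esac
    done
    return 0
}

# Classify the header at $1 as "fixed (v)", "vulnerable (v)" or "unknown".
nimble_status() {
    v=$(nimble_version_from_header "$1")
    if [ -z "$v" ]; then
        echo "unknown (no NIMBLE_VERSION_STRING in $1)"
    elif version_ge "$v" "$FIXED_VERSION"; then
        echo "fixed ($v)"
    else
        echo "vulnerable ($v)"
    fi
}

# Constructed sample headers for the demonstration (not real project files);
# on a real system point nimble_status at /path/to/nimble/include/nimble/version.h.
SAMPLE_OLD=$(mktemp); SAMPLE_NEW=$(mktemp)
printf '#define NIMBLE_VERSION_STRING "1.7.0"\n' > "$SAMPLE_OLD"
printf '#define NIMBLE_VERSION_STRING "1.8.0"\n' > "$SAMPLE_NEW"
nimble_status "$SAMPLE_OLD"   # vulnerable (1.7.0)
nimble_status "$SAMPLE_NEW"   # fixed (1.8.0)
rm -f "$SAMPLE_OLD" "$SAMPLE_NEW"
```

The component-wise compare is deliberate: a plain string comparison would rank a hypothetical 1.10.0 below 1.8.0, and sort -V is not available on every embedded build host where a NimBLE tree is likely to live.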

📡 Detection & Monitoring

Log Indicators:

  • Application crashes related to Bluetooth stack
  • Memory access violation errors in system logs
  • Bluetooth service restarting unexpectedly

Network Indicators:

  • Unusual Bluetooth pairing attempts from unknown devices
  • Malformed Bluetooth packets in network captures

SIEM Query:

source="*bluetooth*" AND (event_type="crash" OR error="segmentation fault" OR error="memory access")
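The SIEM query above, as an added example that is not part of the advisory, rendered as a grep pipeline over journald-style text logs. It goes slightly beyond the query's three terms: it also matches the kernel's "segfault at" line, systemd's "code=dumped ... SEGV" exit record and its "Scheduled restart job" message (the unexpected-restart indicator listed above), and it treats a process name containing "nimble" as a Bluetooth source as well, since a NimBLE application need not be called bluetoothd. The sample log lines are constructed; the host name, PIDs and the nimble-app process name are invented.

```shell
#!/bin/sh
# Added example (not from the advisory): the advisory's SIEM query as a grep
# pipeline over plain-text logs, with a constructed sample to run it on.

# source="*bluetooth*" from the query, widened to NimBLE application names (assumption).
SOURCE_RE='bluetooth|nimble'
# The query's three error terms plus the kernel/systemd spellings of the same
# events and the "service restarting unexpectedly" indicator.
ERROR_RE='crash|segmentation fault|segfault|memory access|code=dumped|SEGV|scheduled restart job'

# Filter: stdin -> lines from a Bluetooth/NimBLE source that also carry an error term.
bt_crash_indicators() {
    grep -iE "$SOURCE_RE" | grep -iE "$ERROR_RE"
}

# Constructed journald-style sample (host, PIDs and nimble-app are invented).
SAMPLE_LOG='Jan 10 12:00:01 host bluetoothd[812]: Bluetooth daemon 5.66
Jan 10 12:00:02 host sshd[900]: Accepted publickey for admin from 10.0.0.5
Jan 10 12:00:09 host kernel: bluetoothd[812]: segfault at 7f3a1c00 ip 000055d4a1b2 sp 00007ffd3e10 error 4 in bluetoothd
Jan 10 12:00:09 host systemd[1]: bluetooth.service: Main process exited, code=dumped, status=11/SEGV
Jan 10 12:00:10 host systemd[1]: bluetooth.service: Scheduled restart job, restart counter is at 3.
Jan 10 12:00:11 host nimble-app[1021]: HCI event parse error: memory access violation, aborting'

# Number of indicator lines in the sample; on a live host pipe journalctl -o short
# (or the application log) into bt_crash_indicators instead.
count_sample_indicators() {
    printf '%s\n' "$SAMPLE_LOG" | bt_crash_indicators | wc -l | tr -d ' '
}

count_sample_indicators   # 4
```

Matching on both the source and the error term keeps unrelated daemons' crashes out of the result, which is the same intent as the source= clause in the SIEM query; the restart-counter line is worth keeping because a controller-triggered read fault typically shows up first as a crash loop rather than a single event.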

🔗 References
