CVE-2024-35933

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btintel: Fix null ptr deref in btintel_read_version

If hci_cmd_sync_complete() is triggered and skb is NULL, then hdev->req_skb is NULL, which will cause this issue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxabfeea476c68afea54c9c050a2d3b19d5d2ee873 < b19fe5eea619d54eea59bb8a37c0f8d00ef0e912affected
LinuxLinuxabfeea476c68afea54c9c050a2d3b19d5d2ee873 < ffdca0a62abaf8c41d8d9ea132000fd808de329baffected
LinuxLinuxabfeea476c68afea54c9c050a2d3b19d5d2ee873 < 22d3053ef05f0b5045e45bd91e7473846261d65eaffected
LinuxLinuxabfeea476c68afea54c9c050a2d3b19d5d2ee873 < b79e040910101b020931ba0c9a6b77e81ab7f645affected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.1.86 <= 6.1.*unaffected
LinuxLinux6.6.27 <= 6.6.*unaffected
LinuxLinux6.8.6 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References