CVE-2024-35964

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: ISO: Fix not validating setsockopt user input

Check user input length before copying data.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < cec736e60dc18d91b88af28d96664bff284b02d1affected
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < 6a6baa1ee7a9df33adbf932305053520b9741b35affected
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < 0c4a89f4690478969729c7ba5f69d53d8516aa12affected
LinuxLinuxccf74f2390d60a2f9a75ef496d2564abb478f46a < 9e8742cdfc4b0e65266bb4a901a19462bda9285eaffected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.119 <= 6.1.*unaffected
LinuxLinux6.6.55 <= 6.6.*unaffected
LinuxLinux6.8.7 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References