CVE-2024-35978

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Fix memory leak in hci_req_sync_complete()

In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < 89a32741f4217856066c198a4a7267bcdd1edd67affected
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < 4beab84fbb50df3be1d8f8a976e6fe882ca65cb2affected
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < 8478394f76c748862ef179a16f651f752bdafaf0affected
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < 75193678cce993aa959e7764b6df2f599886dd06affected
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < 66fab1e120b39f8f47a94186ddee36006fc02ca8affected
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < 9ab5e44b9bac946bd49fd63264a08cd1ea494e76affected
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < e4cb8382fff6706436b66eafd9c0ee857ff0a9f5affected
LinuxLinuxf60cb30579d3401cab1ed36b42df5c0568ae0ba7 < 45d355a926ab40f3ae7bc0b0a00cb0e3e8a5a810affected
LinuxLinux4.1affected
LinuxLinux0 < 4.1unaffected
LinuxLinux4.19.313 <= 4.19.*unaffected
LinuxLinux5.4.275 <= 5.4.*unaffected
LinuxLinux5.10.216 <= 5.10.*unaffected
LinuxLinux5.15.156 <= 5.15.*unaffected
LinuxLinux6.1.87 <= 6.1.*unaffected
LinuxLinux6.6.28 <= 6.6.*unaffected
LinuxLinux6.8.7 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

Additional References

References