CVE-2024-43884

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: MGMT: Add error handling to pair_device()

hci_conn_params_add() never checks for a NULL value and could lead to a NULL pointer dereference causing a crash.

Fixed by adding error handling in the function.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < 11b4b0e63f2621b33b2e107407a7d67a65994ca1affected
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < 90e1ff1c15e5a8f3023ca8266e3a85869ed03ee9affected
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < 9df9783bd85610d3d6e126a1aca221531f6f6dcbaffected
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < 951d6cb5eaac5130d076c728f2a6db420621afdbaffected
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < 5da2884292329bc9be32a7778e0e119f06abe503affected
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < 064dd929c76532359d2905d90a7c12348043cfd4affected
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < ee0799103b1ae4bcfd80dc11a15df085f6ee1b61affected
LinuxLinux5157b8a503fa834e8569c7fed06981e3d3d53db0 < 538fd3921afac97158d4177139a0ad39f056dbb2affected
LinuxLinux4.3affected
LinuxLinux0 < 4.3unaffected
LinuxLinux4.19.321 <= 4.19.*unaffected
LinuxLinux5.4.283 <= 5.4.*unaffected
LinuxLinux5.10.225 <= 5.10.*unaffected
LinuxLinux5.15.166 <= 5.15.*unaffected
LinuxLinux6.1.107 <= 6.1.*unaffected
LinuxLinux6.6.48 <= 6.6.*unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References