CVE-2024-57987

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btrtl: check for NULL in btrtl_setup_realtek()

If insert an USB dongle which chip is not maintained in ic_id_table, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb39910bb54d9ff696caaed4e83ae92a798cd8bf8 < 1158ad8e8abb361d4b2aaa010c9af74de20ab82baffected
LinuxLinuxb39910bb54d9ff696caaed4e83ae92a798cd8bf8 < 02f9da874e5e4626f81772eacc18967921998a71affected
LinuxLinuxb39910bb54d9ff696caaed4e83ae92a798cd8bf8 < 3c15082f3567032d196e8760753373332508c2caaffected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.12.13 <= 6.12.*unaffected
LinuxLinux6.13.2 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References