CVE-2024-57988

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name()

devm_kstrdup() can return a NULL pointer on failure,but this returned value in btbcm_get_board_name() is not checked. Add NULL check in btbcm_get_board_name(), to handle kernel NULL pointer dereference error.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf9183eaad91521ba1c04a19e5606ae61560a735e < df2f2d9199e61819cca5da0121dfa4d4cb57000faffected
LinuxLinuxf9183eaad91521ba1c04a19e5606ae61560a735e < 74af8b9d0e79deefd2d43e14b84575839a849169affected
LinuxLinuxf9183eaad91521ba1c04a19e5606ae61560a735e < b88655bc6593c6a7fdc1248b212d17e581c4334eaffected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.12.13 <= 6.12.*unaffected
LinuxLinux6.13.2 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References