CVE-2024-35964
Bluetooth: ISO: Fix not validating setsockopt user input
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
20 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: ISO: Fix not validating setsockopt user input
Check user input length before copying data.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/0c4a89f4690478969729c7ba5f69d53d8516aa12https://git.kernel.org/stable/c/6a6baa1ee7a9df33adbf932305053520b9741b35https://git.kernel.org/stable/c/9e8742cdfc4b0e65266bb4a901a19462bda9285ehttps://git.kernel.org/stable/c/cec736e60dc18d91b88af28d96664bff284b02d1https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html