CVE-2024-35978
Bluetooth: Fix memory leak in hci_req_sync_complete()
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
20 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: Fix memory leak in hci_req_sync_complete()
In 'hci_req_sync_complete()', always free the previous sync
request state before assigning reference to a new one.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://cert-portal.siemens.com/productcert/html/ssa-265688.htmlhttps://git.kernel.org/stable/c/45d355a926ab40f3ae7bc0b0a00cb0e3e8a5a810https://git.kernel.org/stable/c/4beab84fbb50df3be1d8f8a976e6fe882ca65cb2https://git.kernel.org/stable/c/66fab1e120b39f8f47a94186ddee36006fc02ca8https://git.kernel.org/stable/c/75193678cce993aa959e7764b6df2f599886dd06https://git.kernel.org/stable/c/8478394f76c748862ef179a16f651f752bdafaf0https://git.kernel.org/stable/c/89a32741f4217856066c198a4a7267bcdd1edd67https://git.kernel.org/stable/c/9ab5e44b9bac946bd49fd63264a08cd1ea494e76https://git.kernel.org/stable/c/e4cb8382fff6706436b66eafd9c0ee857ff0a9f5https://lists.debian.org/debian-lts-announce/2024/06/msg00017.htmlhttps://lists.debian.org/debian-lts-announce/2024/06/msg00020.html