CVE-2024-36012
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
23/05/2024
Last modified:
24/05/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
Bluetooth: msft: fix slab-use-after-free in msft_do_close()<br />
<br />
Tying the msft->data lifetime to hdev by freeing it in<br />
hci_release_dev() to fix the following case:<br />
<br />
[use]<br />
msft_do_close()<br />
msft = hdev->msft_data;<br />
if (!msft) ...(1) filter_lock); ...(4) msft_data;<br />
hdev->msft_data = NULL; ...(2)<br />
kfree(msft); ...(3)