CVE-2024-35978
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/05/2024
Last modified:
05/11/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
Bluetooth: Fix memory leak in hci_req_sync_complete()<br />
<br />
In &#39;hci_req_sync_complete()&#39;, always free the previous sync<br />
request state before assigning reference to a new one.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.1 (including) | 4.19.313 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.275 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.216 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.156 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.87 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.28 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.7 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/45d355a926ab40f3ae7bc0b0a00cb0e3e8a5a810
- https://git.kernel.org/stable/c/4beab84fbb50df3be1d8f8a976e6fe882ca65cb2
- https://git.kernel.org/stable/c/66fab1e120b39f8f47a94186ddee36006fc02ca8
- https://git.kernel.org/stable/c/75193678cce993aa959e7764b6df2f599886dd06
- https://git.kernel.org/stable/c/8478394f76c748862ef179a16f651f752bdafaf0
- https://git.kernel.org/stable/c/89a32741f4217856066c198a4a7267bcdd1edd67
- https://git.kernel.org/stable/c/9ab5e44b9bac946bd49fd63264a08cd1ea494e76
- https://git.kernel.org/stable/c/e4cb8382fff6706436b66eafd9c0ee857ff0a9f5