CVE-2024-35856

Bluetooth: btusb: mediatek: Fix double free of skb in coredump

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btusb: mediatek: Fix double free of skb in coredump

hci_devcd_append() would free the skb on error so the caller don't
have to free it again otherwise it would cause the double free of skb.

Reported-by : Dan Carpenter <dan.carpenter@linaro.org>

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btusb: mediatek: Corrección double free de skb en coredump hci_devcd_append() liberaría el skb en caso de error para que la persona que llama no tenga que liberarlo nuevamente, de lo contrario causaría el doble libre de skb. Reportado por: Dan Carpenter

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-17 CVE Reserved
2024-05-17 CVE Published
2024-05-18 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (4)

URL	Tag	Source
https://git.kernel.org/stable/c/0b70151328781a89c89e4cf3fae21fc0e98d869e	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/80dfef128cb9f1b1ef67c0fe8c8deb4ea7ad30c1	2024-05-02
https://git.kernel.org/stable/c/e20093c741d8da9f6390dd45d75b779861547035	2024-05-02
https://git.kernel.org/stable/c/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d	2024-04-24

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.6.30 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.6.30"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.8.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.8.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6 < 6.9"		en		Affected