CVE-2024-35965
Bluetooth: L2CAP: Fix not validating setsockopt user input
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input length before copying data.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: L2CAP: solución que no valida la entrada del usuario de setsockopt. Verifique la longitud de la entrada del usuario antes de copiar datos.
CVE-2024-35965 is a vulnerability in the Linux kernel's Bluetooth L2CAP implementation, caused by inadequate input length validation in the setsockopt function. This flaw allows overly large user-provided data to be copied into kernel memory, potentially leading to buffer overflows, system instability, or privilege escalation. The issue has been fixed by adding proper checks to ensure data size is within acceptable limits. Users should update their Linux kernel to the patched version to mitigate this risk.
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-17 CVE Reserved
- 2024-05-20 CVE Published
- 2025-05-04 CVE Updated
- 2025-06-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/33575df7be6748292f88453f29319af6d639c5c8 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2024-35965 | 2025-05-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2281909 | 2025-05-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.39 < 5.10.227 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.39 < 5.10.227" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.39 < 6.1.87 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.39 < 6.1.87" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.39 < 6.6.55 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.39 < 6.6.55" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.39 < 6.8.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.39 < 6.8.7" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.39 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.39 < 6.9" | en |
Affected
| ||||||