CVE-2024-43884

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pair_device() hci_conn_params_add() never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the function.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*

History

04 Sep 2024, 12:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/11b4b0e63f2621b33b2e107407a7d67a65994ca1 -
  • () https://git.kernel.org/stable/c/90e1ff1c15e5a8f3023ca8266e3a85869ed03ee9 -
  • () https://git.kernel.org/stable/c/951d6cb5eaac5130d076c728f2a6db420621afdb -
  • () https://git.kernel.org/stable/c/9df9783bd85610d3d6e126a1aca221531f6f6dcb -

29 Aug 2024, 17:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/064dd929c76532359d2905d90a7c12348043cfd4 -
  • () https://git.kernel.org/stable/c/5da2884292329bc9be32a7778e0e119f06abe503 -
  • () https://git.kernel.org/stable/c/ee0799103b1ae4bcfd80dc11a15df085f6ee1b61 -

27 Aug 2024, 14:37

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
References () https://git.kernel.org/stable/c/538fd3921afac97158d4177139a0ad39f056dbb2 - () https://git.kernel.org/stable/c/538fd3921afac97158d4177139a0ad39f056dbb2 - Patch
CWE CWE-476
CPE cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Bluetooth: MGMT: agregar manejo de errores a pair_device() hci_conn_params_add() nunca busca un valor NULL y podría provocar una desreferencia del puntero NULL que causa un bloqueo. Se solucionó agregando manejo de errores en la función.
First Time Linux linux Kernel
Linux

26 Aug 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 08:15

Updated : 2024-09-04 12:15


NVD link : CVE-2024-43884

Mitre link : CVE-2024-43884

CVE.ORG link : CVE-2024-43884


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference