What is the severity of CVE-2024-35978?

CVE-2024-35978 is considered to have a moderate severity due to a memory leak in the Linux kernel Bluetooth subsystem.

How do I fix CVE-2024-35978?

To fix CVE-2024-35978, update your Linux kernel to one of the patched versions listed in the advisory.

What versions of the Linux kernel are affected by CVE-2024-35978?

CVE-2024-35978 affects multiple versions of the Linux kernel between 4.1 and 6.12.x inclusive.

What component is impacted by CVE-2024-35978?

CVE-2024-35978 impacts the Bluetooth component within the Linux kernel.

Can CVE-2024-35978 be exploited remotely?

While CVE-2024-35978 involves a memory leak, it does not inherently provide an exploit vector for remote attacks.

Vulnerability/
CVE-2024-35978

medium

5.5

CWE

401

EPSS

0.042%

20/5/2024

19/12/2024

CVE-2024-35978: Bluetooth: Fix memory leak in hci_req_sync_complete()

First published: Mon May 20 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.119-1 6.12.10-1 6.12.11-1
Linux Kernel	>=4.1<4.19.313
Linux Kernel	>=4.20<5.4.275
Linux Kernel	>=5.5<5.10.216
Linux Kernel	>=5.11<5.15.156
Linux Kernel	>=5.16<6.1.87
Linux Kernel	>=6.2<6.6.28
Linux Kernel	>=6.7<6.8.7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-35978?
CVE-2024-35978 is considered to have a moderate severity due to a memory leak in the Linux kernel Bluetooth subsystem.
How do I fix CVE-2024-35978?
To fix CVE-2024-35978, update your Linux kernel to one of the patched versions listed in the advisory.
What versions of the Linux kernel are affected by CVE-2024-35978?
CVE-2024-35978 affects multiple versions of the Linux kernel between 4.1 and 6.12.x inclusive.
What component is impacted by CVE-2024-35978?
CVE-2024-35978 impacts the Bluetooth component within the Linux kernel.
Can CVE-2024-35978 be exploited remotely?
While CVE-2024-35978 involves a memory leak, it does not inherently provide an exploit vector for remote attacks.

agent/title
agent/type
agent/severity
agent/weakness
collector/epss-latest
source/FIRST
agent/epss
collector/launchpad-cve
source/Launchpad
agent/author
agent/remedy
agent/first-publish-date
agent/references
collector/usn-cve
source/Ubuntu
agent/event
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
agent/source
agent/tags
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-api
package-manager/debian
vendor/linux
canonical/linux kernel
version/linux kernel/4.1
version/linux kernel/4.20
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/6.2
version/linux kernel/6.7

CVE-2024-35978: Bluetooth: Fix memory leak in hci_req_sync_complete()

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-35978?

How do I fix CVE-2024-35978?

What versions of the Linux kernel are affected by CVE-2024-35978?

What component is impacted by CVE-2024-35978?

Can CVE-2024-35978 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-35978?

How do I fix CVE-2024-35978?

What versions of the Linux kernel are affected by CVE-2024-35978?

What component is impacted by CVE-2024-35978?

Can CVE-2024-35978 be exploited remotely?