In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btusb: mediatek: Fix double free of skb in coredump
hci_devcd_append() would free the skb on error so the caller don’t have to
free it again otherwise it would cause the double free of skb. Reported-by
: Dan Carpenter <[email protected]>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gcp | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-gke | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-ibm | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-intel | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-lowlatency | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-nvidia | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-oem-6.8 | < any | UNKNOWN |
git.kernel.org/linus/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d (6.9-rc6)
git.kernel.org/stable/c/18bdb386a1a30e7a3d7732a98e45e69cf6b5710d
git.kernel.org/stable/c/80dfef128cb9f1b1ef67c0fe8c8deb4ea7ad30c1
git.kernel.org/stable/c/e20093c741d8da9f6390dd45d75b779861547035
launchpad.net/bugs/cve/CVE-2024-35856
nvd.nist.gov/vuln/detail/CVE-2024-35856
security-tracker.debian.org/tracker/CVE-2024-35856
www.cve.org/CVERecord?id=CVE-2024-35856