CVE-2024-35967
Published: May 20, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: SCO: Fix not validating setsockopt user input

syzbot reported sco_sock_setsockopt() is copying data without checking user input length.

BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]
BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]
BUG: KASAN: slab-out-of-bounds in sco_sock_setsockopt+0xc0b/0xf90 net/bluetooth/sco.c:893
Read of size 4 at addr ffff88805f7b15a3 by task syz-executor.5/12578
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected b96e9c671b05f95126753a22145d4509d45ca197 - < b0e30c37695b614bee69187f86eaf250e36606ce; affected b96e9c671b05f95126753a22145d4509d45ca197 - < 2c2dc87cdebef3fe3b9d7a711a984c70e376e32e; affected b96e9c671b05f95126753a22145d4509d45ca197 - < 7bc65d23ba20dcd7ecc094a12c181e594e5eb315; affected b96e9c671b05f95126753a22145d4509d45ca197 - < 72473db90900da970a16ee50ad23c2c38d107d8c; affected b96e9c671b05f95126753a22145d4509d45ca197 - < 419a0ffca7010216f0fc265b08558d7394fa0ba7; +1 more versions |
| Linux | Linux | affected 3.8; unaffected 0 - < 3.8; unaffected 5.10.216 - <= 5.10.*; unaffected 5.15.178 - <= 5.15.*; unaffected 6.1.87 - <= 6.1.*; +3 more versions |