CVE-2024-26887

Published: Apr 17, 2024Modified: Jan 7, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Fix memory leak This checks if CONFIG_DEV_COREDUMP is enabled before attempting to clone the skb and also make sure btmtk_process_coredump frees the skb passed following the same logic.

Affected (3)

Products: Linux: Linux Kernel

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.6 to 6.6.23
Linux Linux Kernel	From 6.7 to 6.7.11
Linux Linux Kernel	From 6.8 to 6.8.2

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (8)

https://git.kernel.org/stable/c/620b9e60e4b55fa55540ce852a0f3c9e6091dbbc

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/79f4127a502c5905f04da1f20a7bbe07103fb77c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b08bd8f02a24e2b82fece5ac51dc1c3d9aa6c404

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b10e6f6b160a60b98fb7476028f5a95405bbd725

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/620b9e60e4b55fa55540ce852a0f3c9e6091dbbc

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/79f4127a502c5905f04da1f20a7bbe07103fb77c

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b08bd8f02a24e2b82fece5ac51dc1c3d9aa6c404

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b10e6f6b160a60b98fb7476028f5a95405bbd725

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.