CVE-2024-35978

Published: May 20, 2024Modified: May 12, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix memory leak in hci_req_sync_complete() In 'hci_req_sync_complete()', always free the previous sync request state before assigning reference to a new one.

Affected (7)

Products: Linux: Linux Kernel

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.1 to 4.19.313
Linux Linux Kernel	From 4.20 to 5.4.275
Linux Linux Kernel	From 5.11 to 5.15.156
Linux Linux Kernel	From 5.16 to 6.1.87
Linux Linux Kernel	From 5.5 to 5.10.216
Linux Linux Kernel	From 6.2 to 6.6.28
Linux Linux Kernel	From 6.7 to 6.8.7

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (19)

https://git.kernel.org/stable/c/45d355a926ab40f3ae7bc0b0a00cb0e3e8a5a810

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/4beab84fbb50df3be1d8f8a976e6fe882ca65cb2

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/66fab1e120b39f8f47a94186ddee36006fc02ca8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/75193678cce993aa959e7764b6df2f599886dd06

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8478394f76c748862ef179a16f651f752bdafaf0

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/89a32741f4217856066c198a4a7267bcdd1edd67

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/9ab5e44b9bac946bd49fd63264a08cd1ea494e76

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/e4cb8382fff6706436b66eafd9c0ee857ff0a9f5

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/45d355a926ab40f3ae7bc0b0a00cb0e3e8a5a810

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/4beab84fbb50df3be1d8f8a976e6fe882ca65cb2

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/66fab1e120b39f8f47a94186ddee36006fc02ca8

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/75193678cce993aa959e7764b6df2f599886dd06

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/8478394f76c748862ef179a16f651f752bdafaf0

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/89a32741f4217856066c198a4a7267bcdd1edd67

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/9ab5e44b9bac946bd49fd63264a08cd1ea494e76

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/e4cb8382fff6706436b66eafd9c0ee857ff0a9f5

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.