In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: qca: fix info leak when fetching fw build id
Add the missing sanity checks and move the 255-byte build-id buffer off
the stack to avoid leaking stack data through debugfs in case the
build-info reply is malformed.
Metrics
Affected Vendors & Products
References
History
Thu, 07 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-30T15:23:47.423Z
Updated: 2024-12-19T09:00:59.185Z
Reserved: 2024-05-17T13:50:33.160Z
Link: CVE-2024-36032
Vulnrichment
Updated: 2024-08-02T03:30:12.639Z
NVD
Status : Awaiting Analysis
Published: 2024-05-30T16:15:11.490
Modified: 2024-11-21T09:21:28.780
Link: CVE-2024-36032
Redhat