CVE - CVE-2024-36032

CVE-ID
CVE-2024-36032	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply is malformed.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/57062aa13e87b1a78a4a8f6cb5fab6ba24f5f488 URL:https://git.kernel.org/stable/c/57062aa13e87b1a78a4a8f6cb5fab6ba24f5f488 MISC:https://git.kernel.org/stable/c/6b63e0ef4d3ce0080395e5091fba2023f246c45a URL:https://git.kernel.org/stable/c/6b63e0ef4d3ce0080395e5091fba2023f246c45a MISC:https://git.kernel.org/stable/c/a571044cc0a0c944e7c12237b6768aeedd7480e1 URL:https://git.kernel.org/stable/c/a571044cc0a0c944e7c12237b6768aeedd7480e1 MISC:https://git.kernel.org/stable/c/cda0d6a198e2a7ec6f176c36173a57bdd8af7af2 URL:https://git.kernel.org/stable/c/cda0d6a198e2a7ec6f176c36173a57bdd8af7af2
Assigning CNA
kernel.org
Date Record Created
20240517	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240517)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)