5.5

CVE-2024-26888

Bluetooth: msft: Fix memory leak

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: msft: Fix memory leak

Fix leaking buffer allocated to send MSFT_OP_LE_MONITOR_ADVERTISEMENT.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.4.16 < 6.5
LinuxLinux Kernel Version >= 6.5.3 < 6.6.23
LinuxLinux Kernel Version >= 6.7 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.129
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/5987b9f7d9314c7411136005b3a52f61a8cc0911
Patch
https://git.kernel.org/stable/c/5cb93417c93716a5404f762f331f5de3653fd952
Patch
https://git.kernel.org/stable/c/98e9920c75e0790bff947a00d192d24bf1c724e0
Patch
https://git.kernel.org/stable/c/a6e06258f4c31eba0fcd503e19828b5f8fe7b08b
Patch