#VU90303 Out-of-bounds read in Linux kernel - CVE-2024-35967

Vulnerability identifier: #VU90303

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35967

CWE-ID: CWE-125

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the sco_sock_setsockopt() function in net/bluetooth/sco.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/b0e30c37695b614bee69187f86eaf250e36606ce
https://git.kernel.org/stable/c/7bc65d23ba20dcd7ecc094a12c181e594e5eb315
https://git.kernel.org/stable/c/72473db90900da970a16ee50ad23c2c38d107d8c
https://git.kernel.org/stable/c/419a0ffca7010216f0fc265b08558d7394fa0ba7
https://git.kernel.org/stable/c/51eda36d33e43201e7a4fd35232e069b2c850b01

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.