|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2024-35856: kernel: Bluetooth: btusb: mediatek: Fix double free of skb in coredump | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Incidents | Assignee: | Joey Lee <jlee> |
| Status: | NEW --- | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | gabriele.sonnu, jlee |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/406384/ | ||
| Whiteboard: | CVSSv3.1:SUSE:CVE-2024-35856:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
SMASH SMASH
2024-05-20 16:07:03 UTC
commit 18bdb386a1a30e7a3d7732a98e45e69cf6b5710d [v6.9-rc6] Author: Sean Wang <sean.wang@mediatek.com> Date: Wed Apr 17 16:27:38 2024 -0700 Bluetooth: btusb: mediatek: Fix double free of skb in coredump hci_devcd_append() would free the skb on error so the caller don't have to free it again otherwise it would cause the double free of skb. Fixes: 0b7015132878 ("Bluetooth: btusb: mediatek: add MediaTek devcoredump support") [v6.6-rc1] Reported-by : Dan Carpenter <dan.carpenter@linaro.org> Signed-off-by: Sean Wang <sean.wang@mediatek.com> Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> |