CVE-2024-36033

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/0adcf6be1445ed50bfd4a451a7a782568f270197	Patch
https://git.kernel.org/stable/c/a3dff121a7f5104c4c2d47edaa2351837ef645dd	Patch
https://git.kernel.org/stable/c/ba307abed5e09759845c735ba036f8c12f55b209	Patch
https://git.kernel.org/stable/c/bcccdc947d2ca5972b1e92d0dea10803ddc08ceb	Patch
https://git.kernel.org/stable/c/f30c37cb4549baf8377434892d520fe7769bdba7	Patch
https://git.kernel.org/stable/c/0adcf6be1445ed50bfd4a451a7a782568f270197	Patch
https://git.kernel.org/stable/c/a3dff121a7f5104c4c2d47edaa2351837ef645dd	Patch
https://git.kernel.org/stable/c/ba307abed5e09759845c735ba036f8c12f55b209	Patch
https://git.kernel.org/stable/c/bcccdc947d2ca5972b1e92d0dea10803ddc08ceb	Patch
https://git.kernel.org/stable/c/f30c37cb4549baf8377434892d520fe7769bdba7	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc7::::::

History

No history.

Information

Published : 2024-05-30 16:15

Updated : 2025-09-18 14:36

NVD link : CVE-2024-36033

Mitre link : CVE-2024-36033

CVE.ORG link : CVE-2024-36033

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-668

Exposure of Resource to Wrong Sphere

{"id": "CVE-2024-36033", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2024-05-30T16:15:11.567", "references": [{"url": "https://git.kernel.org/stable/c/0adcf6be1445ed50bfd4a451a7a782568f270197", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a3dff121a7f5104c4c2d47edaa2351837ef645dd", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ba307abed5e09759845c735ba036f8c12f55b209", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bcccdc947d2ca5972b1e92d0dea10803ddc08ceb", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f30c37cb4549baf8377434892d520fe7769bdba7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0adcf6be1445ed50bfd4a451a7a782568f270197", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/a3dff121a7f5104c4c2d47edaa2351837ef645dd", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/ba307abed5e09759845c735ba036f8c12f55b209", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/bcccdc947d2ca5972b1e92d0dea10803ddc08ceb", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/f30c37cb4549baf8377434892d520fe7769bdba7", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: fix info leak when fetching board id\n\nAdd the missing sanity check when fetching the board id to avoid leaking\nslab data when later requesting the firmware."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Bluetooth: qca: corrige la fuga de informaci\u00f3n al obtener la identificaci\u00f3n de la placa. Agregue la verificaci\u00f3n de cordura que falta al recuperar la identificaci\u00f3n de la placa para evitar fugas de datos de losa cuando luego solicite el firmware."}], "lastModified": "2025-09-18T14:36:14.127", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A6B920C-8D8F-4130-86B4-AD334F4CF2E3", "versionEndExcluding": "6.8.10", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91326417-E981-482E-A5A3-28BC1327521B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAECDCD8-F556-4606-8D7B-5C6D47A501F2"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}