CVE-2024-35964
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-35964
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35964.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-35964
- Downstream
- Related
- Published
- 2024-05-20T09:41:54Z
- Modified
- 2025-11-04T03:43:42.065905Z
- Summary
- Bluetooth: ISO: Fix not validating setsockopt user input
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: ISO: Fix not validating setsockopt user input
Check user input length before copying data.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0c4a89f4690478969729c7ba5f69d53d8516aa12
- https://git.kernel.org/stable/c/6a6baa1ee7a9df33adbf932305053520b9741b35
- https://git.kernel.org/stable/c/9e8742cdfc4b0e65266bb4a901a19462bda9285e
- https://git.kernel.org/stable/c/cec736e60dc18d91b88af28d96664bff284b02d1
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedccf74f2390d60a2f9a75ef496d2564abb478f46aFixedcec736e60dc18d91b88af28d96664bff284b02d1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedccf74f2390d60a2f9a75ef496d2564abb478f46aFixed6a6baa1ee7a9df33adbf932305053520b9741b35
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedccf74f2390d60a2f9a75ef496d2564abb478f46aFixed0c4a89f4690478969729c7ba5f69d53d8516aa12
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedccf74f2390d60a2f9a75ef496d2564abb478f46aFixed9e8742cdfc4b0e65266bb4a901a19462bda9285e
Affected versions
v5.*
v5.19
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.100
v6.1.101
v6.1.102
v6.1.103
v6.1.104
v6.1.105
v6.1.106
v6.1.107
v6.1.108
v6.1.109
v6.1.11
v6.1.110
v6.1.111
v6.1.112
v6.1.113
v6.1.114
v6.1.115
v6.1.116
v6.1.117
v6.1.118
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.1.91
v6.1.92
v6.1.93
v6.1.94
v6.1.95
v6.1.96
v6.1.97
v6.1.98
v6.1.99
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.9-rc1
v6.9-rc2
Database specific
vanir_signatures
[
{
"digest": {
"length": 1826.0,
"function_hash": "211416396581050231143875738906729766516"
},
"target": {
"file": "net/bluetooth/iso.c",
"function": "iso_sock_setsockopt"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c4a89f4690478969729c7ba5f69d53d8516aa12",
"id": "CVE-2024-35964-9725f0d4",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"digest": {
"length": 1826.0,
"function_hash": "211416396581050231143875738906729766516"
},
"target": {
"file": "net/bluetooth/iso.c",
"function": "iso_sock_setsockopt"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6a6baa1ee7a9df33adbf932305053520b9741b35",
"id": "CVE-2024-35964-b07592aa",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"digest": {
"line_hashes": [
"325337110124679007669068595293588370549",
"262872530207980691236703479781621386177",
"85544868467552575689791796364278059999",
"120315846598671958839108199865578391944",
"146918785957761180903342994980185812851",
"333821079057152553860177944205987969938",
"14133456619170772107471825208980146060",
"296544459159507103766289306347962149513",
"98169667164234217478625593399531834994",
"300862905683415155400858347209140287027",
"336956120794910581488736220815809191235",
"42414724502152936562852900605968357636",
"279417488532753613750317268240503198703",
"292492849420431356495341675061460380640",
"296544459159507103766289306347962149513",
"98169667164234217478625593399531834994",
"144688570454193283542851417508803023851",
"5469527003256524674845950640364442802",
"29371336787684416908243127885353687592",
"194835028909952804366713606338780806215",
"250868788655410057723512643304865103433",
"339166097271428203741016679575692082920",
"59231945172890828498331045434677866238",
"14658144961035760961831202945644942563",
"292010595532423246297908931644800411450",
"115728143756621145608728221534744206545",
"195707075243726721444916768684733248976",
"325540676475082648848788058332398431730",
"176279117404059760131816771289242444248",
"216070423310434518470596837263618823090",
"110946524801228231185048069181623547328",
"97033785978335394942053554830725483306",
"146716574384727682878892220541400644134",
"281118708228635685287407156801693978944",
"92611657748905296631935954375090918369",
"277201115773242232868099018343433973828",
"216786030437236444605595332694216828900",
"24594203217329395442817163934381659351",
"164811421893347472607811910686710352090",
"154174660863503606508049339462432530112",
"295650833505988911488346799130001193501",
"113430065374034118767090259505986066421"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/iso.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6a6baa1ee7a9df33adbf932305053520b9741b35",
"id": "CVE-2024-35964-be7b0218",
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"digest": {
"length": 1826.0,
"function_hash": "211416396581050231143875738906729766516"
},
"target": {
"file": "net/bluetooth/iso.c",
"function": "iso_sock_setsockopt"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9e8742cdfc4b0e65266bb4a901a19462bda9285e",
"id": "CVE-2024-35964-cdf6df15",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"digest": {
"line_hashes": [
"325337110124679007669068595293588370549",
"262872530207980691236703479781621386177",
"85544868467552575689791796364278059999",
"120315846598671958839108199865578391944",
"146918785957761180903342994980185812851",
"333821079057152553860177944205987969938",
"14133456619170772107471825208980146060",
"296544459159507103766289306347962149513",
"98169667164234217478625593399531834994",
"300862905683415155400858347209140287027",
"336956120794910581488736220815809191235",
"42414724502152936562852900605968357636",
"279417488532753613750317268240503198703",
"292492849420431356495341675061460380640",
"296544459159507103766289306347962149513",
"98169667164234217478625593399531834994",
"144688570454193283542851417508803023851",
"5469527003256524674845950640364442802",
"29371336787684416908243127885353687592",
"194835028909952804366713606338780806215",
"250868788655410057723512643304865103433",
"339166097271428203741016679575692082920",
"59231945172890828498331045434677866238",
"14658144961035760961831202945644942563",
"292010595532423246297908931644800411450",
"115728143756621145608728221534744206545",
"195707075243726721444916768684733248976",
"325540676475082648848788058332398431730",
"176279117404059760131816771289242444248",
"216070423310434518470596837263618823090",
"110946524801228231185048069181623547328",
"97033785978335394942053554830725483306",
"146716574384727682878892220541400644134",
"281118708228635685287407156801693978944",
"92611657748905296631935954375090918369",
"277201115773242232868099018343433973828",
"216786030437236444605595332694216828900",
"24594203217329395442817163934381659351",
"164811421893347472607811910686710352090",
"154174660863503606508049339462432530112",
"295650833505988911488346799130001193501",
"113430065374034118767090259505986066421"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/iso.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9e8742cdfc4b0e65266bb4a901a19462bda9285e",
"id": "CVE-2024-35964-d149bcc6",
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"digest": {
"line_hashes": [
"325337110124679007669068595293588370549",
"77685022288769241990556077546654041827",
"49573784797373023733708337740110167865",
"64291704707237600729023796960213249813",
"146918785957761180903342994980185812851",
"333821079057152553860177944205987969938",
"14133456619170772107471825208980146060",
"296544459159507103766289306347962149513",
"98169667164234217478625593399531834994",
"300862905683415155400858347209140287027",
"336956120794910581488736220815809191235",
"29371336787684416908243127885353687592",
"60788319010322330308013811833795529591",
"269255709306766012329079285588564343231",
"8419002274193798253236134128420877568",
"210191085025828634794992192272558083674",
"239073854615836286423875867055984501194",
"81924845198597185547034474257189675760",
"142720734229590363199050629516176443625",
"194943378048721956862463827807765913088",
"59231945172890828498331045434677866238",
"269936990754269148275870814002875704933",
"177140965909007267322953373038897208284",
"291932817608803272054805987911625782456",
"110946524801228231185048069181623547328",
"97033785978335394942053554830725483306",
"146716574384727682878892220541400644134",
"281118708228635685287407156801693978944",
"92611657748905296631935954375090918369",
"277201115773242232868099018343433973828",
"216786030437236444605595332694216828900",
"24594203217329395442817163934381659351",
"164811421893347472607811910686710352090",
"154174660863503606508049339462432530112",
"295650833505988911488346799130001193501",
"113430065374034118767090259505986066421"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/iso.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cec736e60dc18d91b88af28d96664bff284b02d1",
"id": "CVE-2024-35964-d4dffbda",
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"digest": {
"length": 1586.0,
"function_hash": "133780442062992275121854909588002258890"
},
"target": {
"file": "net/bluetooth/iso.c",
"function": "iso_sock_setsockopt"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cec736e60dc18d91b88af28d96664bff284b02d1",
"id": "CVE-2024-35964-d5a1bf8b",
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"digest": {
"line_hashes": [
"325337110124679007669068595293588370549",
"262872530207980691236703479781621386177",
"85544868467552575689791796364278059999",
"120315846598671958839108199865578391944",
"146918785957761180903342994980185812851",
"333821079057152553860177944205987969938",
"14133456619170772107471825208980146060",
"296544459159507103766289306347962149513",
"98169667164234217478625593399531834994",
"300862905683415155400858347209140287027",
"336956120794910581488736220815809191235",
"42414724502152936562852900605968357636",
"279417488532753613750317268240503198703",
"292492849420431356495341675061460380640",
"296544459159507103766289306347962149513",
"98169667164234217478625593399531834994",
"144688570454193283542851417508803023851",
"5469527003256524674845950640364442802",
"29371336787684416908243127885353687592",
"194835028909952804366713606338780806215",
"250868788655410057723512643304865103433",
"339166097271428203741016679575692082920",
"59231945172890828498331045434677866238",
"14658144961035760961831202945644942563",
"292010595532423246297908931644800411450",
"115728143756621145608728221534744206545",
"195707075243726721444916768684733248976",
"325540676475082648848788058332398431730",
"176279117404059760131816771289242444248",
"216070423310434518470596837263618823090",
"110946524801228231185048069181623547328",
"97033785978335394942053554830725483306",
"146716574384727682878892220541400644134",
"281118708228635685287407156801693978944",
"92611657748905296631935954375090918369",
"277201115773242232868099018343433973828",
"216786030437236444605595332694216828900",
"24594203217329395442817163934381659351",
"164811421893347472607811910686710352090",
"154174660863503606508049339462432530112",
"295650833505988911488346799130001193501",
"113430065374034118767090259505986066421"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/iso.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c4a89f4690478969729c7ba5f69d53d8516aa12",
"id": "CVE-2024-35964-de1951ed",
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
}
]