In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sock: Fix not validating setsockopt user input
Check user input length before copying data.
{ "vanir_signatures": [ { "digest": { "line_hashes": [ "277121413308750252160793761390308559199", "317625653507446974212842247454885561934", "189966027603337682811311459491093769957", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "12188971120522823144810408329117621545", "320164560656539179218082041476482311809", "176040929417674995949120415965575894676", "40551268346715138176851242104190925180", "95552594830903391117057121840654664626", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "232513448004168148708303482586911009361", "237881029202920626330167196713372242714", "157293562330816668257404513385770016801", "1962883842882562897912300386999248197", "3901165630547546710003127310553202625", "254743753427876447489001090568185702585", "271443653591055674096659740035302076018", "256781434524097540553107571300583006145", "90374822461053929880022073975347339407", "170497215347401113649792727655158488694", "170643884151492026499765983212964017256", "185804530349227390250724717914841231852", "338412216013592640612562492748005687230", "281023217771704599521172316994848287058", "124322181926752715923121713101739521680", "104514266875396143991760577456120885365", "169062386663441342313773025289016965002" ], "threshold": 0.9 }, "target": { "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50173882bb187e70e37bac01385b9b114019bee2", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-010cd05e" }, { "digest": { "length": 1796.0, "function_hash": "252115606733141431445629827952591823593" }, "target": { "function": "hci_sock_setsockopt_old", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50173882bb187e70e37bac01385b9b114019bee2", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-019ba6e8" }, { "digest": { "line_hashes": [ "277121413308750252160793761390308559199", "317625653507446974212842247454885561934", "189966027603337682811311459491093769957", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "12188971120522823144810408329117621545", "320164560656539179218082041476482311809", "176040929417674995949120415965575894676", "40551268346715138176851242104190925180", "95552594830903391117057121840654664626", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "232513448004168148708303482586911009361", "237881029202920626330167196713372242714", "157293562330816668257404513385770016801", "1962883842882562897912300386999248197", "3901165630547546710003127310553202625", "254743753427876447489001090568185702585", "271443653591055674096659740035302076018", "256781434524097540553107571300583006145", "90374822461053929880022073975347339407", "170497215347401113649792727655158488694", "170643884151492026499765983212964017256", "185804530349227390250724717914841231852", "338412216013592640612562492748005687230", "281023217771704599521172316994848287058", "124322181926752715923121713101739521680", "104514266875396143991760577456120885365", "169062386663441342313773025289016965002" ], "threshold": 0.9 }, "target": { "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b2186061d6043d6345a97100460363e990af0d46", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-30915e43" }, { "digest": { "line_hashes": [ "277121413308750252160793761390308559199", "317625653507446974212842247454885561934", "189966027603337682811311459491093769957", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "12188971120522823144810408329117621545", "320164560656539179218082041476482311809", "176040929417674995949120415965575894676", "40551268346715138176851242104190925180", "95552594830903391117057121840654664626", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "232513448004168148708303482586911009361", "237881029202920626330167196713372242714", "157293562330816668257404513385770016801", "1962883842882562897912300386999248197", "3901165630547546710003127310553202625", "254743753427876447489001090568185702585", "271443653591055674096659740035302076018", "256781434524097540553107571300583006145", "90374822461053929880022073975347339407", "170497215347401113649792727655158488694", "170643884151492026499765983212964017256", "185804530349227390250724717914841231852", "338412216013592640612562492748005687230", "281023217771704599521172316994848287058", "124322181926752715923121713101739521680", "104514266875396143991760577456120885365", "169062386663441342313773025289016965002" ], "threshold": 0.9 }, "target": { "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c18a64039aa3f1c16f208d197c65076da798137", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-332c5c77" }, { "digest": { "length": 1796.0, "function_hash": "252115606733141431445629827952591823593" }, "target": { "function": "hci_sock_setsockopt_old", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@781f3a97a38a338bc893b6db7f9f9670bf1a9e37", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-6f2d60e2" }, { "digest": { "length": 744.0, "function_hash": "130463138224664608909029529760177016842" }, "target": { "function": "hci_sock_setsockopt", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c18a64039aa3f1c16f208d197c65076da798137", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-79c5c6c8" }, { "digest": { "length": 1796.0, "function_hash": "252115606733141431445629827952591823593" }, "target": { "function": "hci_sock_setsockopt_old", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b2186061d6043d6345a97100460363e990af0d46", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-8d56d4cb" }, { "digest": { "length": 1796.0, "function_hash": "252115606733141431445629827952591823593" }, "target": { "function": "hci_sock_setsockopt_old", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c18a64039aa3f1c16f208d197c65076da798137", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-aa024f4a" }, { "digest": { "length": 744.0, "function_hash": "130463138224664608909029529760177016842" }, "target": { "function": "hci_sock_setsockopt", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50173882bb187e70e37bac01385b9b114019bee2", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-ab8ba4a7" }, { "digest": { "length": 744.0, "function_hash": "130463138224664608909029529760177016842" }, "target": { "function": "hci_sock_setsockopt", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b2186061d6043d6345a97100460363e990af0d46", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-d410e18d" }, { "digest": { "line_hashes": [ "277121413308750252160793761390308559199", "317625653507446974212842247454885561934", "189966027603337682811311459491093769957", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "12188971120522823144810408329117621545", "320164560656539179218082041476482311809", "176040929417674995949120415965575894676", "40551268346715138176851242104190925180", "95552594830903391117057121840654664626", "281023217771704599521172316994848287058", "98169667164234217478625593399531834994", "232513448004168148708303482586911009361", "237881029202920626330167196713372242714", "157293562330816668257404513385770016801", "1962883842882562897912300386999248197", "3901165630547546710003127310553202625", "254743753427876447489001090568185702585", "271443653591055674096659740035302076018", "256781434524097540553107571300583006145", "90374822461053929880022073975347339407", "170497215347401113649792727655158488694", "170643884151492026499765983212964017256", "185804530349227390250724717914841231852", "338412216013592640612562492748005687230", "281023217771704599521172316994848287058", "124322181926752715923121713101739521680", "104514266875396143991760577456120885365", "169062386663441342313773025289016965002" ], "threshold": 0.9 }, "target": { "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@781f3a97a38a338bc893b6db7f9f9670bf1a9e37", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-e5003ace" }, { "digest": { "length": 744.0, "function_hash": "130463138224664608909029529760177016842" }, "target": { "function": "hci_sock_setsockopt", "file": "net/bluetooth/hci_sock.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@781f3a97a38a338bc893b6db7f9f9670bf1a9e37", "deprecated": false, "signature_version": "v1", "id": "CVE-2024-35963-fed8ca3e" } ] }