CVE-2024-35963
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-35963
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35963.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-35963
- Downstream
- Related
- Published
- 2024-05-20T09:41:53Z
- Modified
- 2025-10-15T11:00:19.890251Z
- Summary
- Bluetooth: hci_sock: Fix not validating setsockopt user input
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_sock: Fix not validating setsockopt user input
Check user input length before copying data.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0c18a64039aa3f1c16f208d197c65076da798137
- https://git.kernel.org/stable/c/50173882bb187e70e37bac01385b9b114019bee2
- https://git.kernel.org/stable/c/781f3a97a38a338bc893b6db7f9f9670bf1a9e37
- https://git.kernel.org/stable/c/b2186061d6043d6345a97100460363e990af0d46
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced09572fca7223bcf32c9f0d5e100d8381a81d55f4Fixed781f3a97a38a338bc893b6db7f9f9670bf1a9e37
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced09572fca7223bcf32c9f0d5e100d8381a81d55f4Fixed0c18a64039aa3f1c16f208d197c65076da798137
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced09572fca7223bcf32c9f0d5e100d8381a81d55f4Fixed50173882bb187e70e37bac01385b9b114019bee2
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced09572fca7223bcf32c9f0d5e100d8381a81d55f4Fixedb2186061d6043d6345a97100460363e990af0d46
Affected versions
v5.*
v5.14
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.100
v6.1.101
v6.1.102
v6.1.103
v6.1.104
v6.1.105
v6.1.106
v6.1.107
v6.1.108
v6.1.109
v6.1.11
v6.1.110
v6.1.111
v6.1.112
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.1.91
v6.1.92
v6.1.93
v6.1.94
v6.1.95
v6.1.96
v6.1.97
v6.1.98
v6.1.99
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.48
v6.6.49
v6.6.5
v6.6.50
v6.6.51
v6.6.52
v6.6.53
v6.6.54
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.9-rc1
v6.9-rc2
Database specific
{
"vanir_signatures": [
{
"digest": {
"line_hashes": [
"277121413308750252160793761390308559199",
"317625653507446974212842247454885561934",
"189966027603337682811311459491093769957",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"12188971120522823144810408329117621545",
"320164560656539179218082041476482311809",
"176040929417674995949120415965575894676",
"40551268346715138176851242104190925180",
"95552594830903391117057121840654664626",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"232513448004168148708303482586911009361",
"237881029202920626330167196713372242714",
"157293562330816668257404513385770016801",
"1962883842882562897912300386999248197",
"3901165630547546710003127310553202625",
"254743753427876447489001090568185702585",
"271443653591055674096659740035302076018",
"256781434524097540553107571300583006145",
"90374822461053929880022073975347339407",
"170497215347401113649792727655158488694",
"170643884151492026499765983212964017256",
"185804530349227390250724717914841231852",
"338412216013592640612562492748005687230",
"281023217771704599521172316994848287058",
"124322181926752715923121713101739521680",
"104514266875396143991760577456120885365",
"169062386663441342313773025289016965002"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50173882bb187e70e37bac01385b9b114019bee2",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-010cd05e"
},
{
"digest": {
"length": 1796.0,
"function_hash": "252115606733141431445629827952591823593"
},
"target": {
"function": "hci_sock_setsockopt_old",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50173882bb187e70e37bac01385b9b114019bee2",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-019ba6e8"
},
{
"digest": {
"line_hashes": [
"277121413308750252160793761390308559199",
"317625653507446974212842247454885561934",
"189966027603337682811311459491093769957",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"12188971120522823144810408329117621545",
"320164560656539179218082041476482311809",
"176040929417674995949120415965575894676",
"40551268346715138176851242104190925180",
"95552594830903391117057121840654664626",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"232513448004168148708303482586911009361",
"237881029202920626330167196713372242714",
"157293562330816668257404513385770016801",
"1962883842882562897912300386999248197",
"3901165630547546710003127310553202625",
"254743753427876447489001090568185702585",
"271443653591055674096659740035302076018",
"256781434524097540553107571300583006145",
"90374822461053929880022073975347339407",
"170497215347401113649792727655158488694",
"170643884151492026499765983212964017256",
"185804530349227390250724717914841231852",
"338412216013592640612562492748005687230",
"281023217771704599521172316994848287058",
"124322181926752715923121713101739521680",
"104514266875396143991760577456120885365",
"169062386663441342313773025289016965002"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b2186061d6043d6345a97100460363e990af0d46",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-30915e43"
},
{
"digest": {
"line_hashes": [
"277121413308750252160793761390308559199",
"317625653507446974212842247454885561934",
"189966027603337682811311459491093769957",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"12188971120522823144810408329117621545",
"320164560656539179218082041476482311809",
"176040929417674995949120415965575894676",
"40551268346715138176851242104190925180",
"95552594830903391117057121840654664626",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"232513448004168148708303482586911009361",
"237881029202920626330167196713372242714",
"157293562330816668257404513385770016801",
"1962883842882562897912300386999248197",
"3901165630547546710003127310553202625",
"254743753427876447489001090568185702585",
"271443653591055674096659740035302076018",
"256781434524097540553107571300583006145",
"90374822461053929880022073975347339407",
"170497215347401113649792727655158488694",
"170643884151492026499765983212964017256",
"185804530349227390250724717914841231852",
"338412216013592640612562492748005687230",
"281023217771704599521172316994848287058",
"124322181926752715923121713101739521680",
"104514266875396143991760577456120885365",
"169062386663441342313773025289016965002"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c18a64039aa3f1c16f208d197c65076da798137",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-332c5c77"
},
{
"digest": {
"length": 1796.0,
"function_hash": "252115606733141431445629827952591823593"
},
"target": {
"function": "hci_sock_setsockopt_old",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@781f3a97a38a338bc893b6db7f9f9670bf1a9e37",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-6f2d60e2"
},
{
"digest": {
"length": 744.0,
"function_hash": "130463138224664608909029529760177016842"
},
"target": {
"function": "hci_sock_setsockopt",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c18a64039aa3f1c16f208d197c65076da798137",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-79c5c6c8"
},
{
"digest": {
"length": 1796.0,
"function_hash": "252115606733141431445629827952591823593"
},
"target": {
"function": "hci_sock_setsockopt_old",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b2186061d6043d6345a97100460363e990af0d46",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-8d56d4cb"
},
{
"digest": {
"length": 1796.0,
"function_hash": "252115606733141431445629827952591823593"
},
"target": {
"function": "hci_sock_setsockopt_old",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0c18a64039aa3f1c16f208d197c65076da798137",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-aa024f4a"
},
{
"digest": {
"length": 744.0,
"function_hash": "130463138224664608909029529760177016842"
},
"target": {
"function": "hci_sock_setsockopt",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50173882bb187e70e37bac01385b9b114019bee2",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-ab8ba4a7"
},
{
"digest": {
"length": 744.0,
"function_hash": "130463138224664608909029529760177016842"
},
"target": {
"function": "hci_sock_setsockopt",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b2186061d6043d6345a97100460363e990af0d46",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-d410e18d"
},
{
"digest": {
"line_hashes": [
"277121413308750252160793761390308559199",
"317625653507446974212842247454885561934",
"189966027603337682811311459491093769957",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"12188971120522823144810408329117621545",
"320164560656539179218082041476482311809",
"176040929417674995949120415965575894676",
"40551268346715138176851242104190925180",
"95552594830903391117057121840654664626",
"281023217771704599521172316994848287058",
"98169667164234217478625593399531834994",
"232513448004168148708303482586911009361",
"237881029202920626330167196713372242714",
"157293562330816668257404513385770016801",
"1962883842882562897912300386999248197",
"3901165630547546710003127310553202625",
"254743753427876447489001090568185702585",
"271443653591055674096659740035302076018",
"256781434524097540553107571300583006145",
"90374822461053929880022073975347339407",
"170497215347401113649792727655158488694",
"170643884151492026499765983212964017256",
"185804530349227390250724717914841231852",
"338412216013592640612562492748005687230",
"281023217771704599521172316994848287058",
"124322181926752715923121713101739521680",
"104514266875396143991760577456120885365",
"169062386663441342313773025289016965002"
],
"threshold": 0.9
},
"target": {
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@781f3a97a38a338bc893b6db7f9f9670bf1a9e37",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-e5003ace"
},
{
"digest": {
"length": 744.0,
"function_hash": "130463138224664608909029529760177016842"
},
"target": {
"function": "hci_sock_setsockopt",
"file": "net/bluetooth/hci_sock.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@781f3a97a38a338bc893b6db7f9f9670bf1a9e37",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-35963-fed8ca3e"
}
]
}