In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: qca: fix info leak when fetching fw build id
Add the missing sanity checks and move the 255-byte build-id buffer off the stack, so that a malformed build-info reply does not leak stack data through debugfs.
{ "vanir_signatures": [ { "id": "CVE-2024-36032-1215e6c1", "signature_type": "Function", "target": { "file": "drivers/bluetooth/btqca.c", "function": "qca_read_fw_build_info" }, "deprecated": false, "digest": { "length": 1005.0, "function_hash": "280467891257739895805760475055406259386" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57062aa13e87b1a78a4a8f6cb5fab6ba24f5f488" }, { "id": "CVE-2024-36032-18f0e04f", "signature_type": "Function", "target": { "file": "drivers/bluetooth/btqca.c", "function": "qca_read_fw_build_info" }, "deprecated": false, "digest": { "length": 1005.0, "function_hash": "280467891257739895805760475055406259386" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cda0d6a198e2a7ec6f176c36173a57bdd8af7af2" }, { "id": "CVE-2024-36032-1f50d28d", "signature_type": "Function", "target": { "file": "drivers/bluetooth/btqca.c", "function": "qca_read_fw_build_info" }, "deprecated": false, "digest": { "length": 1005.0, "function_hash": "280467891257739895805760475055406259386" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a571044cc0a0c944e7c12237b6768aeedd7480e1" }, { "id": "CVE-2024-36032-83a2c112", "signature_type": "Line", "target": { "file": "drivers/bluetooth/btqca.c" }, "deprecated": false, "digest": { "line_hashes": [ "14906618008714465565375965890108290664", "244814980850047311451947024094360688288", "313852224018056529732562192249595486426", "300213198871872828264809856597282884780", "177178392142421332208100670747844746913", "308074065512402005472868781343876273141", "62825956099769442657305534634351146422", "193292398638918781050915374873505385472", "103650058433657539903867806902397185704", "66941197951949167496127327111508590310", "154203258476518330507753589421108701160", "228030548274534200777135952686341364095", "190925917296360977335205367219209089450", 
"313670755109431844836492814625139229375", "128117383068358161536567129605083314575", "273587643432448971981194990101169152066" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a571044cc0a0c944e7c12237b6768aeedd7480e1" }, { "id": "CVE-2024-36032-b74b6ca9", "signature_type": "Line", "target": { "file": "drivers/bluetooth/btqca.c" }, "deprecated": false, "digest": { "line_hashes": [ "14906618008714465565375965890108290664", "244814980850047311451947024094360688288", "313852224018056529732562192249595486426", "300213198871872828264809856597282884780", "177178392142421332208100670747844746913", "308074065512402005472868781343876273141", "62825956099769442657305534634351146422", "193292398638918781050915374873505385472", "103650058433657539903867806902397185704", "66941197951949167496127327111508590310", "154203258476518330507753589421108701160", "228030548274534200777135952686341364095", "190925917296360977335205367219209089450", "313670755109431844836492814625139229375", "128117383068358161536567129605083314575", "273587643432448971981194990101169152066" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cda0d6a198e2a7ec6f176c36173a57bdd8af7af2" }, { "id": "CVE-2024-36032-f4997418", "signature_type": "Line", "target": { "file": "drivers/bluetooth/btqca.c" }, "deprecated": false, "digest": { "line_hashes": [ "14906618008714465565375965890108290664", "244814980850047311451947024094360688288", "313852224018056529732562192249595486426", "300213198871872828264809856597282884780", "177178392142421332208100670747844746913", "308074065512402005472868781343876273141", "62825956099769442657305534634351146422", "193292398638918781050915374873505385472", "103650058433657539903867806902397185704", "66941197951949167496127327111508590310", "154203258476518330507753589421108701160", "228030548274534200777135952686341364095", 
"190925917296360977335205367219209089450", "313670755109431844836492814625139229375", "128117383068358161536567129605083314575", "273587643432448971981194990101169152066" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@57062aa13e87b1a78a4a8f6cb5fab6ba24f5f488" } ] }