NULL pointer dereference in Linux kernel bluetooth driver



| Updated: 2025-05-14
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-35851
CWE-ID CWE-476
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) NULL pointer dereference

EUVDB-ID: #VU90839

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-35851

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the qca_prevent_wake() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.15 - 6.6.29

CPE2.3 External links

https://git.kernel.org/stable/c/52f9041deaca3fc5c40ef3b9cb943993ec7d2489
https://git.kernel.org/stable/c/e60502b907be350c518819297b565007a94c706d
https://git.kernel.org/stable/c/6b47cdeb786c38e4174319218db3fa6d7b4bba88
https://git.kernel.org/stable/c/b64092d2f108f0cd1d7fd7e176f5fb2a67a2f189
https://git.kernel.org/stable/c/73e87c0a49fda31d7b589edccf4c72e924411371
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.158
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.90
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.30


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###