VYPR
Unrated severityNVD Advisory· Published May 30, 2024· Updated May 4, 2025

Bluetooth: qca: fix info leak when fetching fw build id

CVE-2024-36032

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: qca: fix info leak when fetching fw build id

Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply is malformed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

98

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.