CVE-2024-36942 - Vulnerability Details

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2024053038-CVE-2024-36942-9730@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-36942
https://www.cve.org/CVERecord?id=CVE-2024-36942

History

Tue, 04 Mar 2025 03:45:00 +0000

Type	Values Removed	Values Added
Title	Bluetooth: qca: fix firmware check error path	kernel: Bluetooth: qca: fix firmware check error path
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 27 Feb 2025 20:45:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.9:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc7::::::
Vendors & Products	Linux Linux linux Kernel
References	https://git.kernel.org/stable/c/064688d70c33bb5b49dde6e972b9379a8b045d8a https://git.kernel.org/stable/c/40d442f969fb1e871da6fca73d3f8aef1f888558 https://git.kernel.org/stable/c/580bcd6bf24f9975f97d81d5ef1b64cca9240df9 https://git.kernel.org/stable/c/7bcba557d5c37cd09ecd5abbe7d50deb86c36d3f https://git.kernel.org/stable/c/d1f768214320852766a60a815a0be8f14fba0cc3
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L'}`

Thu, 27 Feb 2025 19:45:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix firmware check error path A recent commit fixed the code that parses the firmware files before downloading them to the controller but introduced a memory leak in case the sanity checks ever fail. Make sure to free the firmware buffer before returning on errors.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Mon, 03 Feb 2025 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.9:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc6:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc7::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: REJECTED

Assigner: Linux

Published: 2024-05-30T15:35:41.532Z

Updated: 2025-02-27T19:38:30.309Z

Reserved: 2024-05-30T15:25:07.072Z

Link: CVE-2024-36942

Vulnrichment

Updated:

NVD

Status : Rejected

Published: 2024-05-30T16:15:17.227

Modified: 2025-02-27T20:15:39.403

Link: CVE-2024-36942

Redhat

Severity : Low

Publid Date: 2024-05-30T00:00:00Z

Links: CVE-2024-36942 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object