CVE-2024-36013 - Use-After-Free in Linux Kernel Bluetooth L2CAP (`l2cap_connect`) (Exploit, Technical Details, and Fix)
In June 2024, a critical vulnerability (CVE-2024-36013) was disclosed and patched in the Linux kernel’s Bluetooth stack (specifically, the L2CAP layer). This exclusive writeup
CVE-2024-36011 - Exploiting and Understanding the Linux Kernel Bluetooth Null Pointer Dereference
In mid-2024, a new vulnerability — CVE-2024-36011 — was discovered and patched in the Linux kernel. This issue centers on the Bluetooth subsystem, specifically the "Host
CVE-2024-35978 - Deep Dive into a Bluetooth Memory Leak in Linux Kernel’s hci_req_sync_complete() (With Exploit Details)
Recently, a vulnerability tracked as CVE-2024-35978 was identified and patched in the Linux kernel, particularly affecting the Bluetooth subsystem. This flaw was caused by a
CVE-2024-35933 - Easy Guide to the Linux Kernel Bluetooth Null Pointer Dereference Vulnerability
If you use Linux and Bluetooth, there’s a new security vulnerability you need to know about: CVE-2024-35933. This long-read post breaks down what the
CVE-2024-27399 - Null Pointer Dereference Race in Linux Bluetooth l2cap_chan_timeout (Explained for Everyone)
- [Code Snippets/Diff](#code)
[Summary for Users](#summary)
What is CVE-2024-27399?
CVE-2024-27399 is a recently fixed vulnerability in the Linux kernel's Bluetooth
Episode
00:00:00
00:00:00