CVE-2024-35963
📋 TL;DR
CVE-2024-35963 is a vulnerability in the Linux kernel's Bluetooth subsystem: the hci_sock module fails to properly validate the length of user input when handling setsockopt calls. This allows local attackers to potentially trigger memory corruption or kernel crashes. The vulnerability affects systems with Bluetooth functionality enabled in the Linux kernel.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to kernel-level code execution, potentially leading to full system compromise.
Likely Case
Kernel panic or system crash causing denial of service, or limited memory corruption leading to system instability.
If Mitigated
No impact if Bluetooth functionality is disabled or proper input validation is implemented.
🎯 Exploit Status
Exploitation requires local access and knowledge of kernel memory layout. No public exploit code has been identified at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits: 0c18a64039aa3f1c16f208d197c65076da798137, 50173882bb187e70e37bac01385b9b114019bee2, 781f3a97a38a338bc893b6db7f9f9670bf1a9e37, b2186061d6043d6345a97100460363e990af0d46)
Vendor Advisory: https://git.kernel.org/stable/c/0c18a64039aa3f1c16f208d197c65076da798137
Restart Required: Yes
Instructions:
1. Update to a patched kernel version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify the kernel version after reboot.
🔧 Temporary Workarounds
Disable Bluetooth functionality
Disable Bluetooth kernel modules to prevent exploitation (Linux):
sudo modprobe -r btusb
sudo modprobe -r bluetooth
echo 'blacklist bluetooth' | sudo tee /etc/modprobe.d/blacklist-bluetooth.conf
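An added example (not part of the original advisory): a POSIX shell audit of the workaround above, reporting whether the bluetooth module or its users are still loaded and which modprobe.d rule is in place. It rates a `blacklist` line as weak because blacklisting only stops alias-based autoloading, whereas an `install bluetooth /bin/false` rule makes modprobe refuse the load; the function names and file-path arguments are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: audit the "disable Bluetooth" workaround for CVE-2024-35963.
# Arguments are file paths so the checks can also run against collected copies.

# bt_loaded MODULES_FILE
# Prints "bluetooth" followed by the modules using it, or nothing if absent.
# MODULES_FILE is in /proc/modules format: name size refcount users state addr
bt_loaded() {
    awk '$1 == "bluetooth" {
        out = $1
        n = split($4, u, ",")
        for (i = 1; i <= n; i++)
            if (u[i] != "" && u[i] != "-") out = out " " u[i]
        print out
    }' "$1"
}

# bt_block_state MODPROBE_DIR
# Prints "install", "blacklist" or "none" for the strongest rule found.
# Only MODPROBE_DIR/*.conf is read; other modprobe.d locations are not checked.
bt_block_state() {
    if grep -Eqs '^[[:space:]]*install[[:space:]]+bluetooth[[:space:]]+/bin/(false|true)' "$1"/*.conf; then
        echo install
    elif grep -Eqs '^[[:space:]]*blacklist[[:space:]]+bluetooth([[:space:]]|$)' "$1"/*.conf; then
        echo blacklist
    else
        echo none
    fi
}

# bt_audit MODULES_FILE MODPROBE_DIR
# Returns 0 = not loaded and load blocked, 1 = loaded, 2 = not loaded but loadable.
bt_audit() {
    loaded=$(bt_loaded "$1")
    if [ -n "$loaded" ]; then
        echo "EXPOSED: loaded: $loaded"
        return 1
    fi
    case $(bt_block_state "$2") in
        install) echo "OK: bluetooth not loaded; install rule blocks modprobe" ;;
        blacklist) echo "WEAK: bluetooth not loaded; blacklist only stops alias autoload"; return 2 ;;
        *) echo "WEAK: bluetooth not loaded; no modprobe.d rule found"; return 2 ;;
    esac
}

# Live use: bt_audit /proc/modules /etc/modprobe.d
```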
🧯 If You Can't Patch
- Disable Bluetooth functionality using kernel module blacklisting
- Implement strict access controls to limit local user privileges
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with patched versions from distribution vendor. Check if Bluetooth modules are loaded: lsmod | grep -i bluetooth
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version after update matches patched version. Check that Bluetooth functionality still works if needed.
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- System crash dumps
- Bluetooth subsystem errors in dmesg
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
Search for kernel panic events or Bluetooth subsystem crashes in system logs
🔗 References
- https://git.kernel.org/stable/c/0c18a64039aa3f1c16f208d197c65076da798137
- https://git.kernel.org/stable/c/50173882bb187e70e37bac01385b9b114019bee2
- https://git.kernel.org/stable/c/781f3a97a38a338bc893b6db7f9f9670bf1a9e37
- https://git.kernel.org/stable/c/b2186061d6043d6345a97100460363e990af0d46
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html