CVE-2024-36033

7.1 HIGH

📋 TL;DR

This vulnerability in the Linux kernel's Bluetooth Qualcomm Atheros (qca) driver allows information disclosure when fetching board ID. An attacker could exploit this to leak kernel slab data, potentially exposing sensitive memory contents. Systems using affected Linux kernel versions with Bluetooth hardware are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE, but patches are available in stable kernel trees
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Bluetooth hardware and the qca driver to be loaded/used.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory disclosure leading to information leakage that could facilitate further attacks, including potential privilege escalation if combined with other vulnerabilities.

🟠

Likely Case

Information disclosure of kernel memory contents, potentially exposing sensitive data or system information.

🟢

If Mitigated

Minimal impact if Bluetooth is disabled or the system is not using affected hardware.

🌐 Internet-Facing: LOW - This requires local access or Bluetooth proximity to exploit.
🏢 Internal Only: MEDIUM - Internal attackers with local access could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of the vulnerability. No public exploits are known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in stable kernel commits: 0adcf6be1445ed50bfd4a451a7a782568f270197, a3dff121a7f5104c4c2d47edaa2351837ef645dd, ba307abed5e09759845c735ba036f8c12f55b209, bcccdc947d2ca5972b1e92d0dea10803ddc08ceb, f30c37cb4549baf8377434892d520fe7769bdba7

Vendor Advisory: https://git.kernel.org/stable/c/0adcf6be1445ed50bfd4a451a7a782568f270197

Restart Required: Yes

Instructions:

1. Update to a patched Linux kernel version from your distribution's repositories.
2. Reboot the system to load the new kernel.
3. Verify the patch is applied by checking kernel version.

🔧 Temporary Workarounds

Disable Bluetooth

linux

Disable Bluetooth functionality to prevent exploitation

sudo systemctl stop bluetooth
sudo systemctl disable bluetooth
sudo rfkill block bluetooth

Blacklist qca driver

linux

Prevent loading of the vulnerable qca driver

echo 'blacklist btqca' | sudo tee /etc/modprobe.d/blacklist-btqca.conf
sudo update-initramfs -u
sudo reboot

🧯 If You Can't Patch

  • Disable Bluetooth functionality completely
  • Implement strict access controls to limit local user access to vulnerable systems

🔍 How to Verify

Check if Vulnerable:

Check if Bluetooth is enabled and qca driver is loaded: lsmod | grep btqca

Check Version:

uname -r

Verify Fix Applied:

Check kernel version against patched versions from your distribution's security advisories
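
The verification steps and the two workarounds above can be combined into one exposure check. The script below is an added example, not part of this advisory or of the kernel project; its function names and verdict strings are made up for illustration. It separates a `blacklist btqca` entry, which per modprobe.d(5) only stops alias-based autoloading, from an `install btqca /bin/false` entry, which blocks every load that goes through modprobe.

```shell
#!/bin/sh
# Added example: exposure check for the btqca driver. File paths are
# parameters so each function can be exercised on constructed input.

# Succeeds if btqca is a loaded module (first column of /proc/modules).
btqca_loaded() {
    awk '$1 == "btqca" { found = 1 } END { exit !found }' "${1:-/proc/modules}"
}

# Succeeds if btqca is compiled into the kernel (listed in modules.builtin).
btqca_builtin() {
    f="${1:-/lib/modules/$(uname -r)/modules.builtin}"
    [ -r "$f" ] && grep -Eq '(^|/)btqca\.ko$' "$f"
}

# Prints the strongest modprobe.d rule for btqca:
# "install-blocked", "blacklisted" or "none".
btqca_modprobe_policy() {
    dir="${1:-/etc/modprobe.d}"
    policy=none
    for conf in "$dir"/*.conf; do
        [ -r "$conf" ] || continue
        if grep -Eq '^[[:space:]]*install[[:space:]]+btqca[[:space:]]+/bin/(false|true)' "$conf"; then
            policy=install-blocked
            break
        fi
        if grep -Eq '^[[:space:]]*blacklist[[:space:]]+btqca([[:space:]]|$)' "$conf"; then
            policy=blacklisted
        fi
    done
    echo "$policy"
}

# Prints one verdict line. Args: modules file, modprobe.d dir, modules.builtin.
btqca_exposure() {
    if btqca_builtin "${3:-}"; then
        echo "built-in: blacklisting has no effect, patch the kernel"
    elif btqca_loaded "${1:-}"; then
        echo "loaded: driver is active on this boot"
    else
        case "$(btqca_modprobe_policy "${2:-}")" in
            install-blocked) echo "not loaded: modprobe loads are blocked" ;;
            blacklisted) echo "not loaded: autoload blocked, dependency or manual load still possible" ;;
            *) echo "not loaded: no modprobe.d restriction in place" ;;
        esac
    fi
}

btqca_exposure "$@"
```

Run without arguments it inspects the live system. A "loaded" or "built-in" verdict only means the driver is present, so the kernel version still has to be compared against the distribution's advisory.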

📡 Detection & Monitoring

Log Indicators:

  • Kernel logs showing Bluetooth firmware requests or qca driver activity

Network Indicators:

  • Bluetooth scanning or connection attempts from unauthorized sources

SIEM Query:

process:bluetooth OR driver:btqca AND event_type:info_leak
