CVE-2024-26888

low-risk
Published 2024-04-17

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: Fix memory leak Fix leaking buffer allocated to send MSFT_OP_LE_MONITOR_ADVERTISEMENT.

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/5987b9f7d9314c7411136005b3a52f61a8cc0911
Patch https://git.kernel.org/stable/c/5cb93417c93716a5404f762f331f5de3653fd952
Patch https://git.kernel.org/stable/c/98e9920c75e0790bff947a00d192d24bf1c724e0
Patch https://git.kernel.org/stable/c/a6e06258f4c31eba0fcd503e19828b5f8fe7b08b
Patch https://git.kernel.org/stable/c/5987b9f7d9314c7411136005b3a52f61a8cc0911
Patch https://git.kernel.org/stable/c/5cb93417c93716a5404f762f331f5de3653fd952
Patch https://git.kernel.org/stable/c/98e9920c75e0790bff947a00d192d24bf1c724e0
Patch https://git.kernel.org/stable/c/a6e06258f4c31eba0fcd503e19828b5f8fe7b08b
23
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal