CVE-2024-57987

low-risk

Published 2025-02-27

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() If insert an USB dongle which chip is not maintained in ic_id_table, it will hit the NULL point accessed. Add a null point check to avoid the Kernel Oops.

Do I need to act?

0.08% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (3)

Mailing List https://git.kernel.org/stable/c/02f9da874e5e4626f81772eacc18967921998a71

Mailing List https://git.kernel.org/stable/c/1158ad8e8abb361d4b2aaa010c9af74de20ab82b

Mailing List https://git.kernel.org/stable/c/3c15082f3567032d196e8760753373332508c2ca

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal