Linux Kernel Bluetooth Vulnerability Affects Realtek USB Dongles
CVE-2024-57987

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability in the Linux kernel's Bluetooth implementation related to the Realtek chipset was identified. When a USB dongle with an unrecognized chip ID is inserted, the system will access a NULL pointer, leading to potential instability and crashes. This issue has been addressed by adding a NULL check at the affected function, btrtl_setup_realtek, ensuring a more stable experience when connecting USB devices.

Affected Version(s)

Linux b39910bb54d9ff696caaed4e83ae92a798cd8bf8 < 1158ad8e8abb361d4b2aaa010c9af74de20ab82b

Linux b39910bb54d9ff696caaed4e83ae92a798cd8bf8 < 02f9da874e5e4626f81772eacc18967921998a71

Linux b39910bb54d9ff696caaed4e83ae92a798cd8bf8 < 3c15082f3567032d196e8760753373332508c2ca

References

https://git.kernel.org/stable/c/1158ad8e8abb361d4b2aaa010...

https://git.kernel.org/stable/c/02f9da874e5e4626f81772eac...

https://git.kernel.org/stable/c/3c15082f3567032d196e87607...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Feb 27, 2025