Multiple Cisco Application Policy Infrastructure Vulnerabilities
September 2, 2024FormBook Malware – Active IOCs
September 3, 2024Multiple Cisco Application Policy Infrastructure Vulnerabilities
September 2, 2024FormBook Malware – Active IOCs
September 3, 2024Severity
Medium
Analysis Summary
CVE-2024-35966
Linux Kernel is vulnerable to a denial of service, caused by not validating setsockopt user input by the Bluetooth: RFCOMM module. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-35966
Affected Vendors
Affected Products
- Linux Kernel 6.1
- Linux Kernel 6.6
- Linux Kernel 6.8
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.