Linux · Linux Kernel · CVE-2024-43884
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.3/6.11-rc5
**Description**
A null pointer dereference issue has been identified in the Linux kernel's Bluetooth functionality, specifically in the `hci_conn_params_add()` function, which does not check for a NULL value. This could lead to a crash. The issue has been resolved by adding error handling to the `pair_device()` function.
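The missing-check pattern described above, shown as an added example that is not the kernel's code: a simplified user-space C model of a caller using a result that may be NULL, beside the form with error handling. The `model_*` functions, the struct layout, the fault-injection switch and the `-ENOMEM` return value are all assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Simplified user-space model; the type and its fields are hypothetical. */
struct conn_params { unsigned char addr[6]; int auto_connect; };

static int fail_next_alloc; /* constructed fault-injection switch */

/* Models a parameter-add helper that returns NULL when allocation fails. */
static struct conn_params *model_conn_params_add(const unsigned char *addr)
{
    struct conn_params *p;
    if (fail_next_alloc) { fail_next_alloc = 0; return NULL; }
    p = calloc(1, sizeof(*p));
    if (p)
        memcpy(p->addr, addr, sizeof(p->addr));
    return p;
}

/* Pattern before the fix: the result is used without a NULL check. */
int model_pair_device_unchecked(const unsigned char *addr)
{
    struct conn_params *p = model_conn_params_add(addr);
    p->auto_connect = 1;   /* NULL dereference if the add failed */
    free(p);
    return 0;
}

/* Pattern after the fix: a failed add becomes an error return. */
int model_pair_device_checked(const unsigned char *addr)
{
    struct conn_params *p = model_conn_params_add(addr);
    if (!p)
        return -ENOMEM;    /* error code is this model's choice */
    p->auto_connect = 1;
    free(p);
    return 0;
}

int main(void)
{
    const unsigned char addr[6] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55}; /* constructed */
    int ok = model_pair_device_checked(addr);
    fail_next_alloc = 1;   /* force the next add to fail */
    int err = model_pair_device_checked(addr);
    return (ok == 0 && err == -ENOMEM) ? 0 : 1;
}
```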
**Recommendations**
To resolve this issue, update the Linux kernel to a version that includes the fix, which is version 4.3/6.11-rc5 or later.
As a temporary workaround, consider restricting access to the Bluetooth functionality until a patch is available.