PT-2024-27206 · Linux+6 · Linux Kernel+6

Syzbot

·

Published

2024-04-08

·

Updated

2026-05-26

·

CVE-2024-36915

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0
Description The vulnerability is related to unsafe copies in the nfc llcp setsockopt() function. Syzbot reported unsafe calls to copy from sockptr(). The issue can be resolved by using copy safe from sockptr() instead. The vulnerability is caused by a slab-out-of-bounds error in copy from sockptr offset and copy from sockptr functions. The error occurs when reading a size of 4 at address ffff88801caa1ec3 by task syz-executor459/5078. The call trace indicates that the issue is related to the nfc llcp setsockopt+0x6c2/0x850 function in net/nfc/llcp sock.c.
Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the nfc llcp setsockopt() function. As a temporary workaround, consider disabling the nfc llcp setsockopt() function until a patch is available.

Exploit

Fix

DoS

Out of bounds Read

Weakness Enumeration

CWE-125

Related Identifiers

BDU:2025-08069
CVE-2024-36915
DLA-4008-1
DSA-5818-1
OESA-2024-2183
OESA-2024-2185
OESA-2024-2258
OESA-2024-2296
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
OPENSUSE-SU-2025_0117-1
OPENSUSE-SU-2025_0154-1
OPENSUSE-SU-2025_0201-1
OPENSUSE-SU-2025_0229-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:0117-1
SUSE-SU-2025:0154-1
SUSE-SU-2025:0201-1
SUSE-SU-2025:0201-2
SUSE-SU-2025:0229-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025_0201-1
SUSE-SU-2025_0201-2
USN-6949-1
USN-6949-2
USN-6952-1
USN-6952-2
USN-6955-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu