cve/2024/CVE-2024-35851.md

### [CVE-2024-35851](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35851)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=c1a74160eaf1%3C%2052f9041deaca%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In the Linux kernel, the following vulnerability has been resolved:Bluetooth: qca: fix NULL-deref on non-serdev suspendQualcomm ROME controllers can be registered from the Bluetooth linediscipline and in this case the HCI UART serdev pointer is NULL.Add the missing sanity check to prevent a NULL-pointer dereference whenwakeup() is called for a non-serdev controller during suspend.Just return true for now to restore the original behaviour and addressthe crash with pre-6.2 kernels, which do not have commit e9b3e5b8c657("Bluetooth: hci_qca: only assign wakeup with serial port support") thatcauses the crash to happen already at setup() time.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds