In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: ISO: Fix UAF on iso_sock_timeout
conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock
so this checks if the conn->sk is still valid by checking if it part of
iso_sk_list.
References
Configurations
Configuration 1 (hide)
|
History
08 Nov 2024, 20:04
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Linux linux Kernel
Linux |
|
CWE | CWE-416 | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* |
|
References | () https://git.kernel.org/stable/c/14bcb721d241e62fdd18f6f434a2ed2ab6e71a9b - Patch | |
References | () https://git.kernel.org/stable/c/246b435ad668596aa0e2bbb9d491b6413861211a - Patch | |
References | () https://git.kernel.org/stable/c/876ac72d535fa94f4ac57bba651987c6f990f646 - Patch | |
References | () https://git.kernel.org/stable/c/d75aad1d3143ca68cda52ff80ac392e1bbd84325 - Patch |
06 Nov 2024, 18:17
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
05 Nov 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-05 18:15
Updated : 2024-12-11 15:15
NVD link : CVE-2024-50124
Mitre link : CVE-2024-50124
CVE.ORG link : CVE-2024-50124
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free