CVE-2024-50124

Published Nov 5, 2024

Last updated 9 days ago

CVSS high 7.8

Overview

Description
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

nvd@nist.gov
CWE-416

Social media

Hype score
Not currently trending

  1. (CVE-2024-50124)[Bluetooth][ISO]UAF on iso_sock_timeout https://t.co/tz57wBF3BE (CVE-2024-50125)[Bluetooth][SCO]UAF on sco_sock_timeout https://t.co/IHuJIMd2bF Also fixed in Android Common Kernels: https://t.co/d17bpBCTey https://t.co/cdWzDLqO4C https://t.co/lGudXpPue5

    @xvonfers

    6 Nov 2024

    549 Impressions

    0 Retweets

    3 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-50124 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waitin… https://t.co/zjBGEeC7Zr

    @CVEnew

    5 Nov 2024

    158 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References