- Description
- In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
(CVE-2024-50124)[Bluetooth][ISO]UAF on iso_sock_timeout https://t.co/tz57wBF3BE (CVE-2024-50125)[Bluetooth][SCO]UAF on sco_sock_timeout https://t.co/IHuJIMd2bF Also fixed in Android Common Kernels: https://t.co/d17bpBCTey https://t.co/cdWzDLqO4C https://t.co/lGudXpPue5
@xvonfers
6 Nov 2024
549 Impressions
0 Retweets
3 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2024-50124 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waitin… https://t.co/zjBGEeC7Zr
@CVEnew
5 Nov 2024
158 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D4E0070-638A-4AE7-A4DC-10C3C08F90F1",
"versionEndExcluding": "6.1.115",
"versionStartIncluding": "6.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D15CA59-D15C-4ACD-8B03-A072DEAD2081",
"versionEndExcluding": "6.6.59",
"versionStartIncluding": "6.2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4486B12-007B-4794-9857-F07145637AA1",
"versionEndExcluding": "6.11.6",
"versionStartIncluding": "6.7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
}
],
"operator": "OR"
}
]
}
]