CVE-2024-50125

Published Nov 5, 2024

Last updated 3 months ago

CVSS high 7.8

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-416
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-416

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A9290B0-2AD4-446E-B1DB-DA1FA8D39207",
            "versionEndExcluding": "6.1.115",
            "versionStartIncluding": "5.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D15CA59-D15C-4ACD-8B03-A072DEAD2081",
            "versionEndExcluding": "6.6.59",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4486B12-007B-4794-9857-F07145637AA1",
            "versionEndExcluding": "6.11.6",
            "versionStartIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.14.263:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C20561F0-C119-4858-8A45-53627BDB3A85"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.19.207:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE4696E1-1AF7-48BF-A760-D1647592A16C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.4.148:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB3797F7-1847-4EA2-9831-1204B46DDBA6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.10.67:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D53E7BD-B23C-452F-8A0A-5C0A9F3B544D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.13.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EE38667-C006-40E7-9160-BA9129F4EB63"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D94E8C9-DE54-40B9-97B2-454977B0E224"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References