We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50148

Bluetooth: bnep: fix wild-memory-access in proto_unregister



Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP: 0010:proto_unregister+0xee/0x400 Call Trace: <TASK> __do_sys_delete_module+0x318/0x580 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f As bnep_init() ignore bnep_sock_init()'s return value, and bnep_sock_init() will cleanup all resource. Then when remove bnep module will call bnep_sock_cleanup() to cleanup sock's resource. To solve above issue just return bnep_sock_init()'s return value in bnep_exit().

Reserved 2024-10-21 | Published 2024-11-07 | Updated 2024-11-19 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f4 before e232728242c4
affected

1da177e4c3f4 before 2c439470b23d
affected

1da177e4c3f4 before 6c151aeb6dc4
affected

1da177e4c3f4 before fa58e23ea135
affected

1da177e4c3f4 before 03015b6329e6
affected

1da177e4c3f4 before d10cd7bf574e
affected

1da177e4c3f4 before 20c424bc475b
affected

1da177e4c3f4 before 64a90991ba8d
affected

Default status
affected

2.6.12
affected

Any version before 2.6.12
unaffected

4.19.323
unaffected

5.4.285
unaffected

5.10.229
unaffected

5.15.170
unaffected

6.1.115
unaffected

6.6.59
unaffected

6.11.6
unaffected

6.12
unaffected

References

git.kernel.org/...c/e232728242c4e98fb30e4c6bedb6ba8b482b6301

git.kernel.org/...c/2c439470b23d78095a0d2f923342df58b155f669

git.kernel.org/...c/6c151aeb6dc414db8f4daf51be072e802fae6667

git.kernel.org/...c/fa58e23ea1359bd24b323916d191e2e9b4b19783

git.kernel.org/...c/03015b6329e6de42f03ec917c25c4cf944f81f66

git.kernel.org/...c/d10cd7bf574ead01fae140ce117a11bcdacbe6a8

git.kernel.org/...c/20c424bc475b2b2a6e0e2225d2aae095c2ab2f41

git.kernel.org/...c/64a90991ba8d4e32e3173ddd83d0b24167a5668c

cve.org (CVE-2024-50148)

nvd.nist.gov (CVE-2024-50148)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-50148

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.