CVE-2024-36012 Bluetooth: msft: fix slab-use-after-free in msft_do_close()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: fix slab-use-after-free in msftdoclose Tying the msft-data lifetime to hdev by freeing it in hcireleasedev to fix the following case: use msftdoclose msft = hdev-msftdata; if !msft ...1 filterlock; ...4 msftdata;...

Design/Logic Flaw

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in mutexlock in kernel/locking/mutex.c. This is related to mutexcanspinonowner in kernel/locking/mutex.c, btrfsqgroupfreemeta in...