4 matches found
CVE-2024-41062 bluetooth/l2cap: sync sock recv cb and release
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hcirxwork, where the former releases the sock and the latter accesses it without lock protection. CPU0 CPU1 ---- ----...
CVE-2024-41062
CVE-2024-41062 affects the Linux kernel Bluetooth L2CAP code. A race exists between closing a socket and the HCI receive work: if hci_rx_work processes pending data after sock_close releases the sock, the work may access an invalid sock. Root cause: lack of synchronization between sock release an...
CVE-2024-41062 bluetooth/l2cap: sync sock recv cb and release
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hcirxwork, where the former releases the sock and the latter accesses it without lock protection. CPU0 CPU1 ---- ----...
CVE-2024-36968 Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range. Move MTU from hcidev to hciconn to validate MTU and...