Lucene search
K

228 matches found

OSV
OSV
added 2024/12/27 3:15 p.m.5 views

AZL-55611 CVE-2024-56604 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

7.8CVSS6.3AI score0.00219EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.16 views

AZL-55485 CVE-2024-56604 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

7.8CVSS6.3AI score0.00219EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 3:15 p.m.1 views

UBUNTU-CVE-2024-56604

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

7.8CVSS6.1AI score0.00219EPSS
Exploits0References21
Cvelist
Cvelist
added 2024/12/27 2:51 p.m.19 views

CVE-2024-56604 Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

0.00219EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/12/27 2:51 p.m.8 views

CVE-2024-56604

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

7.8CVSS5.5AI score0.00219EPSS
Exploits0
CVE
CVE
added 2024/12/27 2:51 p.m.171 views

CVE-2024-56604

Summary (CVE-2024-56604): In the Linux kernel, Bluetooth RFCOMM can leave a dangling sk pointer in rfcomm_sock_alloc() when rfcomm_dlc_alloc() fails, leading to a use-after-free. The root cause is bt_sock_alloc() attaching the sk to the sock object and the code path not clearing the pointer on fa...

7.8CVSS6.5AI score0.00219EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/27 2:51 p.m.18 views

CVE-2024-56604 Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

7.5AI score0.00219EPSS
Exploits0References4
OSV
OSV
added 2024/12/27 2:51 p.m.13 views

CVE-2024-56604 Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc btsockalloc attaches allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave the dangling pointer in th...

7.8CVSS5.9AI score0.00219EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcommchecksecurity The Linux kernel CVE team has assigned CVE-2024-26903 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024041745-CVE-2024-26903-de5c@gregkh...

5.5CVSS6.4AI score0.00279EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.5 views

kernel: NULL Pointer dereference bluetooth allows Overflow Buffers

A NULL pointer dereference vulnerability was found in the Linux kernel in rfcommchecksecurity. This issue may lead to buffer overflows...

6.3CVSS7.4AI score0.00615EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/10/22 11:39 a.m.8 views

CVE-2024-50044

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to use socklock so it must never be called with it locked but rfcommsockioctl always attempt to lock it causing the following trace:...

4.7CVSS7.1AI score0.00187EPSS
Exploits0References4
NVD
NVD
added 2024/10/21 8:15 p.m.23 views

CVE-2024-50044

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to use socklock so it must never be called with it locked but rfcommsockioctl always attempt to lock it causing the following trace:...

3.3CVSS0.00187EPSS
Exploits0References12
OSV
OSV
added 2024/10/21 8:15 p.m.14 views

AZL-51123 CVE-2024-50044 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to use socklock so it must never be called with it locked but rfcommsockioctl always attempt to lock it causing the following trace:...

3.3CVSS6.8AI score0.00187EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/21 7:39 p.m.31 views

CVE-2024-50044 Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to use socklock so it must never be called with it locked but rfcommsockioctl always attempt to lock it causing the following trace:...

6.8AI score0.00187EPSS
Exploits0References8
CVE
CVE
added 2024/10/21 7:39 p.m.206 views

CVE-2024-50044

CVE-2024-50044 affects the Linux kernel Bluetooth RFCOMM path. The issue is a deadlock in rfcomm_sk_state_change caused by rfcomm_sock_ioctl attempting to lock sock_lock while another path already holds the lock, creating circular locking. The vulnerability is resolved in kernel code by ensuring ...

3.3CVSS3.4AI score0.00187EPSS
Exploits0References12Affected Software1
OSV
OSV
added 2024/10/21 7:39 p.m.12 views

CVE-2024-50044 Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to use socklock so it must never be called with it locked but rfcommsockioctl always attempt to lock it causing the following trace:...

3.3CVSS6.1AI score0.00187EPSS
Exploits0References15
Cvelist
Cvelist
added 2024/10/21 7:39 p.m.35 views

CVE-2024-50044 Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to use socklock so it must never be called with it locked but rfcommsockioctl always attempt to lock it causing the following trace:...

0.00187EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.5 views

PT-2024-36912

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A vulnerability in the Linux kernel's Bluetooth RFCOMM implementation could lead to a use-after-free issue. This occurs because bt sock alloc attaches an allocated sk object to the provided soc...

7.8CVSS5.4AI score0.00219EPSS
Exploits0
OSV
OSV
added 2024/09/13 7:5 p.m.6 views

CVE-2024-6258 BT: Missing length checks of net_buf in rfcomm_handle_data

BT: Missing length checks of netbuf in rfcommhandledata...

6.8CVSS5.9AI score0.00433EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.6 views

PT-2024-37489

Name of the Vulnerable Software and Affected Versions: Linux Kernel's RFCOMM Module affected versions not specified Description: The issue is related to a buffer overflow vulnerability due to missing length checks of net buf in the rfcomm handle data function. Recommendations: At the moment, ther...

6.8CVSS6.7AI score0.00433EPSS
Exploits1References6
Rows per page
Query Builder