{"vulnerability": "CVE-2024-50255", "sightings": [{"uuid": "be331186-1f8d-4fe7-9c7e-1bac58668584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50255", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113453077709726251", "content": "", "creation_timestamp": "2024-11-09T12:49:42.020183Z"}, {"uuid": "1814a322-151b-4593-a908-a6fb8afd39f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50255", "type": "seen", "source": "https://t.me/cvedetector/10313", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50255 - Apache Bluetooth null pointer dereference vulnerability in hci_read_supported_codecs.\", \n  \"Content\": \"CVE ID : CVE-2024-50255 \nPublished : Nov. 9, 2024, 11:15 a.m. | 40\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nBluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs  \n  \nFix __hci_cmd_sync_sk() to return not NULL for unknown opcodes.  \n  \n__hci_cmd_sync_sk() returns NULL if a command returns a status event.  \nHowever, it also returns NULL where an opcode doesn't exist in the  \nhci_cc table because hci_cmd_complete_evt() assumes status = skb->data[0]  \nfor unknown opcodes.  \nThis leads to null-ptr-deref in cmd_sync for HCI_OP_READ_LOCAL_CODECS as  \nthere is no hci_cc for HCI_OP_READ_LOCAL_CODECS, which always assumes  \nstatus = skb->data[0].  \n  \nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]  \nCPU: 1 PID: 2000 Comm: kworker/u9:5 Not tainted 6.9.0-ga6bcb805883c-dirty #10  \nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014  \nWorkqueue: hci7 hci_power_on  \nRIP: 0010:hci_read_supported_codecs+0xb9/0x870 net/bluetooth/hci_codec.c:138  \nCode: 08 48 89 ef e8 b8 c1 8f fd 48 8b 75 00 e9 96 00 00 00 49 89 c6 48 ba 00 00 00 00 00 fc ff df 4c 8d 60 70 4c 89 e3 48 c1 eb 03 <0fb6 04 13 84 c0 0f 85 82 06 00 00 41 83 3c 24 02 77 0a e8 bf 78  \nRSP: 0018:ffff888120bafac8 EFLAGS: 00010212  \nRAX: 0000000000000000 RBX: 000000000000000e RCX: ffff8881173f0040  \nRDX: dffffc0000000000 RSI: ffffffffa58496c0 RDI: ffff88810b9ad1e4  \nRBP: ffff88810b9ac000 R08: ffffffffa77882a7 R09: 1ffffffff4ef1054  \nR10: dffffc0000000000 R11: fffffbfff4ef1055 R12: 0000000000000070  \nR13: 0000000000000000 R14: 0000000000000000 R15: ffff88810b9ac000  \nFS:  0000000000000000(0000) GS:ffff8881f6c00000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007f6ddaa3439e CR3: 0000000139764003 CR4: 0000000000770ef0  \nPKRU: 55555554  \nCall Trace:  \n   \n hci_read_local_codecs_sync net/bluetooth/hci_sync.c:4546 [inline]  \n hci_init_stage_sync net/bluetooth/hci_sync.c:3441 [inline]  \n hci_init4_sync net/bluetooth/hci_sync.c:4706 [inline]  \n hci_init_sync net/bluetooth/hci_sync.c:4742 [inline]  \n hci_dev_init_sync net/bluetooth/hci_sync.c:4912 [inline]  \n hci_dev_open_sync+0x19a9/0x2d30 net/bluetooth/hci_sync.c:4994  \n hci_dev_do_open net/bluetooth/hci_core.c:483 [inline]  \n hci_power_on+0x11e/0x560 net/bluetooth/hci_core.c:1015  \n process_one_work kernel/workqueue.c:3267 [inline]  \n process_scheduled_works+0x8ef/0x14f0 kernel/workqueue.c:3348  \n worker_thread+0x91f/0xe50 kernel/workqueue.c:3429  \n kthread+0x2cb/0x360 kernel/kthread.c:388  \n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147  \n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T13:17:32.000000Z"}]}