ghsa-998p-xc25-r3jq
Vulnerability from github
Published
2024-11-07 12:30
Modified
2024-11-18 21:30
Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: bnep: fix wild-memory-access in proto_unregister
There's issue as follows:
KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]
CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W
RIP: 0010:proto_unregister+0xee/0x400
Call Trace:
As bnep_init() ignore bnep_sock_init()'s return value, and bnep_sock_init() will cleanup all resource. Then when remove bnep module will call bnep_sock_cleanup() to cleanup sock's resource. To solve above issue just return bnep_sock_init()'s return value in bnep_exit().
{ "affected": [], "aliases": [ "CVE-2024-50148" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-11-07T10:15:06Z", "severity": "MODERATE" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere\u0027s issue as follows:\n KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W\n RIP: 0010:proto_unregister+0xee/0x400\n Call Trace:\n \u003cTASK\u003e\n __do_sys_delete_module+0x318/0x580\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock\u0027s resource.\nTo solve above issue just return bnep_sock_init()\u0027s return value in\nbnep_exit().", "id": "GHSA-998p-xc25-r3jq", "modified": "2024-11-18T21:30:43Z", "published": "2024-11-07T12:30:34Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50148" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/03015b6329e6de42f03ec917c25c4cf944f81f66" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/20c424bc475b2b2a6e0e2225d2aae095c2ab2f41" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/2c439470b23d78095a0d2f923342df58b155f669" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/64a90991ba8d4e32e3173ddd83d0b24167a5668c" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/6c151aeb6dc414db8f4daf51be072e802fae6667" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/d10cd7bf574ead01fae140ce117a11bcdacbe6a8" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/e232728242c4e98fb30e4c6bedb6ba8b482b6301" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/fa58e23ea1359bd24b323916d191e2e9b4b19783" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.