CVE-2024-50148
Vulnerability from cvelistv5
Published
2024-11-07 09:31
Modified
2024-11-08 15:58
Severity ?
Summary
Bluetooth: bnep: fix wild-memory-access in proto_unregister
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/03015b6329e6de42f03ec917c25c4cf944f81f66
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/20c424bc475b2b2a6e0e2225d2aae095c2ab2f41
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2c439470b23d78095a0d2f923342df58b155f669
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/64a90991ba8d4e32e3173ddd83d0b24167a5668c
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6c151aeb6dc414db8f4daf51be072e802fae6667
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d10cd7bf574ead01fae140ce117a11bcdacbe6a8
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e232728242c4e98fb30e4c6bedb6ba8b482b6301
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fa58e23ea1359bd24b323916d191e2e9b4b19783
Impacted products
LinuxLinux
LinuxLinux
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/bluetooth/bnep/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e232728242c4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "2c439470b23d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "6c151aeb6dc4",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "fa58e23ea135",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "03015b6329e6",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "d10cd7bf574e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "20c424bc475b",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "64a90991ba8d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/bluetooth/bnep/core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.12"
            },
            {
              "lessThan": "2.6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.323",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.285",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.229",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.170",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.115",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.59",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.11.*",
              "status": "unaffected",
              "version": "6.11.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.12-rc4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere\u0027s issue as follows:\n  KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n  CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G        W\n  RIP: 0010:proto_unregister+0xee/0x400\n  Call Trace:\n   \u003cTASK\u003e\n   __do_sys_delete_module+0x318/0x580\n   do_syscall_64+0xc1/0x1d0\n   entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock\u0027s resource.\nTo solve above issue just return bnep_sock_init()\u0027s return value in\nbnep_exit()."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-08T15:58:52.366Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e232728242c4e98fb30e4c6bedb6ba8b482b6301"
        },
        {
          "url": "https://git.kernel.org/stable/c/2c439470b23d78095a0d2f923342df58b155f669"
        },
        {
          "url": "https://git.kernel.org/stable/c/6c151aeb6dc414db8f4daf51be072e802fae6667"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa58e23ea1359bd24b323916d191e2e9b4b19783"
        },
        {
          "url": "https://git.kernel.org/stable/c/03015b6329e6de42f03ec917c25c4cf944f81f66"
        },
        {
          "url": "https://git.kernel.org/stable/c/d10cd7bf574ead01fae140ce117a11bcdacbe6a8"
        },
        {
          "url": "https://git.kernel.org/stable/c/20c424bc475b2b2a6e0e2225d2aae095c2ab2f41"
        },
        {
          "url": "https://git.kernel.org/stable/c/64a90991ba8d4e32e3173ddd83d0b24167a5668c"
        }
      ],
      "title": "Bluetooth: bnep: fix wild-memory-access in proto_unregister",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-50148",
    "datePublished": "2024-11-07T09:31:24.987Z",
    "dateReserved": "2024-10-21T19:36:19.959Z",
    "dateUpdated": "2024-11-08T15:58:52.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-50148\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-07T10:15:06.570\",\"lastModified\":\"2024-11-08T19:01:03.880\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nBluetooth: bnep: fix wild-memory-access in proto_unregister\\n\\nThere\u0027s issue as follows:\\n  KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\\n  CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G        W\\n  RIP: 0010:proto_unregister+0xee/0x400\\n  Call Trace:\\n   \u003cTASK\u003e\\n   __do_sys_delete_module+0x318/0x580\\n   do_syscall_64+0xc1/0x1d0\\n   entry_SYSCALL_64_after_hwframe+0x77/0x7f\\n\\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init()\\nwill cleanup all resource. Then when remove bnep module will call\\nbnep_sock_cleanup() to cleanup sock\u0027s resource.\\nTo solve above issue just return bnep_sock_init()\u0027s return value in\\nbnep_exit().\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: bnep: corrige wild-memory-access en proto_unregister Hay un problema como el siguiente: KASAN: tal vez wild-memory-access en el rango [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: GW RIP: 0010:proto_unregister+0xee/0x400 Seguimiento de llamadas:  __do_sys_delete_module+0x318/0x580 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Como bnep_init() ignora el valor de retorno de bnep_sock_init(), y bnep_sock_init() limpiar\u00e1 Todos los recursos. Luego, cuando se elimine el m\u00f3dulo bnep, se llamar\u00e1 a bnep_sock_cleanup() para limpiar el recurso de Sock. Para resolver el problema anterior, simplemente devuelva el valor de retorno de bnep_sock_init() en bnep_exit().\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/03015b6329e6de42f03ec917c25c4cf944f81f66\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/20c424bc475b2b2a6e0e2225d2aae095c2ab2f41\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2c439470b23d78095a0d2f923342df58b155f669\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/64a90991ba8d4e32e3173ddd83d0b24167a5668c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6c151aeb6dc414db8f4daf51be072e802fae6667\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d10cd7bf574ead01fae140ce117a11bcdacbe6a8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e232728242c4e98fb30e4c6bedb6ba8b482b6301\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fa58e23ea1359bd24b323916d191e2e9b4b19783\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.