7.8
CVE-2024-50125
- EPSS 0.23%
- Veröffentlicht 05.11.2024 18:15:15
- Zuletzt bearbeitet 03.11.2025 23:16:52
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
Bluetooth: SCO: Fix UAF on sco_sock_timeout
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.15 < 6.1.115
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.59
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.6
Linux ≫ Linux Kernel Version4.14.263
Linux ≫ Linux Kernel Version4.19.207
Linux ≫ Linux Kernel Version5.4.148
Linux ≫ Linux Kernel Version5.10.67
Linux ≫ Linux Kernel Version5.13.19
Linux ≫ Linux Kernel Version5.14.6
Linux ≫ Linux Kernel Version6.12 Updaterc1
Linux ≫ Linux Kernel Version6.12 Updaterc2
Linux ≫ Linux Kernel Version6.12 Updaterc3
Linux ≫ Linux Kernel Version6.12 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.136 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/1bf4470a3939c678fb822073e9ea77a0560bc6bb
https://git.kernel.org/stable/c/80b05fbfa998480fb3d5299d93eab946f51e9c36
https://git.kernel.org/stable/c/9ddda5d967e84796e7df1b54a55f36b4b9f21079
https://git.kernel.org/stable/c/d30803f6a972b5b9e26d1d43b583c7ec151de04b
https://git.kernel.org/stable/c/74a466a15731a754bcd8b5a83c126b5122e15a45
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html