CVE-2024-50148
- Source
- https://cve.org/CVERecord?id=CVE-2024-50148
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50148.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-50148
- Downstream
- Related
- Published
- 2024-11-07T09:31:24.987Z
- Modified
- 2026-03-20T12:39:36.112177Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Bluetooth: bnep: fix wild-memory-access in proto_unregister
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: bnep: fix wild-memory-access in proto_unregister
There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP: 0010:proto_unregister+0xee/0x400 Call Trace: <TASK> _dosysdeletemodule+0x318/0x580 dosyscall64+0xc1/0x1d0 entrySYSCALL64afterhwframe+0x77/0x7f
As bnepinit() ignore bnepsockinit()'s return value, and bnepsockinit() will cleanup all resource. Then when remove bnep module will call bnepsockcleanup() to cleanup sock's resource. To solve above issue just return bnepsockinit()'s return value in bnepexit().
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50148.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/03015b6329e6de42f03ec917c25c4cf944f81f66
- https://git.kernel.org/stable/c/20c424bc475b2b2a6e0e2225d2aae095c2ab2f41
- https://git.kernel.org/stable/c/2c439470b23d78095a0d2f923342df58b155f669
- https://git.kernel.org/stable/c/64a90991ba8d4e32e3173ddd83d0b24167a5668c
- https://git.kernel.org/stable/c/6c151aeb6dc414db8f4daf51be072e802fae6667
- https://git.kernel.org/stable/c/d10cd7bf574ead01fae140ce117a11bcdacbe6a8
- https://git.kernel.org/stable/c/e232728242c4e98fb30e4c6bedb6ba8b482b6301
- https://git.kernel.org/stable/c/fa58e23ea1359bd24b323916d191e2e9b4b19783
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50148.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-50148
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixede232728242c4e98fb30e4c6bedb6ba8b482b6301Fixed2c439470b23d78095a0d2f923342df58b155f669Fixed6c151aeb6dc414db8f4daf51be072e802fae6667Fixedfa58e23ea1359bd24b323916d191e2e9b4b19783Fixed03015b6329e6de42f03ec917c25c4cf944f81f66Fixedd10cd7bf574ead01fae140ce117a11bcdacbe6a8Fixed20c424bc475b2b2a6e0e2225d2aae095c2ab2f41Fixed64a90991ba8d4e32e3173ddd83d0b24167a5668c