CVE-2024-56605
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-56605
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56605.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-56605
- Downstream
- Related
- Published
- 2024-12-27T14:51:10.344Z
- Modified
- 2025-11-28T02:35:49.357957Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate()
btsockalloc() allocates the sk object and attaches it to the provided sock object. On error l2capsockalloc() frees the sk object, but the dangling pointer is still attached to the sock object, which may create use-after-free in other code.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56605.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/61686abc2f3c2c67822aa23ce6f160467ec83d35
- https://git.kernel.org/stable/c/7c4f78cdb8e7501e9f92d291a7d956591bf73be9
- https://git.kernel.org/stable/c/8ad09ddc63ace3950ac43db6fbfe25b40f589dd6
- https://git.kernel.org/stable/c/a8677028dd5123e5e525b8195483994d87123de4
- https://git.kernel.org/stable/c/bb2f2342a6ddf7c04f9aefbbfe86104cd138e629
- https://git.kernel.org/stable/c/daa13175a6dea312a76099066cb4cbd4fc959a84
- https://git.kernel.org/stable/c/f6ad641646b67f29c7578dcd6c25813c7dcbf51e
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/56xxx/CVE-2024-56605.json
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-56605
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixedf6ad641646b67f29c7578dcd6c25813c7dcbf51eFixeddaa13175a6dea312a76099066cb4cbd4fc959a84Fixeda8677028dd5123e5e525b8195483994d87123de4Fixedbb2f2342a6ddf7c04f9aefbbfe86104cd138e629Fixed8ad09ddc63ace3950ac43db6fbfe25b40f589dd6Fixed61686abc2f3c2c67822aa23ce6f160467ec83d35Fixed7c4f78cdb8e7501e9f92d291a7d956591bf73be9
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.287
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.231
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.174
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.120
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.66
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.12.5