Advisory Published
CVE Published
Updated

CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock

First published: Wed Apr 17 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: af_bluetooth: Fix deadlock Attemting to do sock_lock on .recvmsg may cause a deadlock as shown bellow, so instead of using sock_sock this uses sk_receive_queue.lock on bt_sock_ioctl to avoid the UAF: INFO: task kworker/u9:1:121 blocked for more than 30 seconds. Not tainted 6.7.6-lemon #183 Workqueue: hci0 hci_rx_work Call Trace: <TASK> __schedule+0x37d/0xa00 schedule+0x32/0xe0 __lock_sock+0x68/0xa0 ? __pfx_autoremove_wake_function+0x10/0x10 lock_sock_nested+0x43/0x50 l2cap_sock_recv_cb+0x21/0xa0 l2cap_recv_frame+0x55b/0x30a0 ? psi_task_switch+0xeb/0x270 ? finish_task_switch.isra.0+0x93/0x2a0 hci_rx_work+0x33a/0x3f0 process_one_work+0x13a/0x2f0 worker_thread+0x2f0/0x410 ? __pfx_worker_thread+0x10/0x10 kthread+0xe0/0x110 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2c/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 </TASK>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
debian/linux<=5.10.218-1<=5.10.221-1
6.1.94-1
6.1.99-1
6.9.10-1
6.9.12-1
ubuntu/linux<4.15.0-227.239
4.15.0-227.239
ubuntu/linux<5.15.0-117.127
5.15.0-117.127
ubuntu/linux<6.8.0-35.35
6.8.0-35.35
ubuntu/linux<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux<4.4.0-257.291
4.4.0-257.291
ubuntu/linux-aws<4.15.0-1170.183
4.15.0-1170.183
ubuntu/linux-aws<5.15.0-1066.72
5.15.0-1066.72
ubuntu/linux-aws<6.8.0-1009.9
6.8.0-1009.9
ubuntu/linux-aws<4.4.0-1134.140
4.4.0-1134.140
ubuntu/linux-aws<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-aws<4.4.0-1172.187
4.4.0-1172.187
ubuntu/linux-aws-5.15<5.15.0-1066.72~20.04.1
5.15.0-1066.72~20.04.1
ubuntu/linux-aws-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-aws-5.4<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-aws-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-aws-fips<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-aws-hwe<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-aws-hwe<4.15.0-1170.183~16.04.1
4.15.0-1170.183~16.04.1
ubuntu/linux-azure<6.8.0-1008.8
6.8.0-1008.8
ubuntu/linux-azure<4.15.0-1179.194~14.04.1
4.15.0-1179.194~14.04.1
ubuntu/linux-azure<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-azure-4.15<4.15.0-1179.194
4.15.0-1179.194
ubuntu/linux-azure-4.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-azure-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-azure-5.4<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-azure-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-azure-fde<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-azure-fde-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-azure-fips<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-bluefield<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-fips<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gcp<5.15.0-1065.73
5.15.0-1065.73
ubuntu/linux-gcp<6.8.0-1008.9
6.8.0-1008.9
ubuntu/linux-gcp<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gcp<4.15.0-1164.181~16.04.1
4.15.0-1164.181~16.04.1
ubuntu/linux-gcp-4.15<4.15.0-1164.181
4.15.0-1164.181
ubuntu/linux-gcp-4.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gcp-5.15<5.15.0-1065.73~20.04.1
5.15.0-1065.73~20.04.1
ubuntu/linux-gcp-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gcp-5.4<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gcp-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gcp-fips<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gke<5.15.0-1063.69
5.15.0-1063.69
ubuntu/linux-gke<6.8.0-1004.7
6.8.0-1004.7
ubuntu/linux-gke<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gkeop<5.15.0-1049.56
5.15.0-1049.56
ubuntu/linux-gkeop<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-gkeop-5.15<5.15.0-1049.56~20.04.1
5.15.0-1049.56~20.04.1
ubuntu/linux-gkeop-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-hwe<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-hwe<4.15.0-227.239~16.04.1
4.15.0-227.239~16.04.1
ubuntu/linux-hwe-5.15<5.15.0-117.127~20.04.1
5.15.0-117.127~20.04.1
ubuntu/linux-hwe-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-hwe-5.4<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-hwe-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-ibm<5.15.0-1059.62
5.15.0-1059.62
ubuntu/linux-ibm<6.8.0-1006.6
6.8.0-1006.6
ubuntu/linux-ibm<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-ibm-5.15<5.15.0-1059.62~20.04.1
5.15.0-1059.62~20.04.1
ubuntu/linux-ibm-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-ibm-5.4<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-intel<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-intel-iotg<5.15.0-1061.67
5.15.0-1061.67
ubuntu/linux-intel-iotg<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-intel-iotg-5.15<5.15.0-1061.67~20.04.1
5.15.0-1061.67~20.04.1
ubuntu/linux-intel-iotg-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-iot<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-kvm<4.15.0-1154.159
4.15.0-1154.159
ubuntu/linux-kvm<5.15.0-1063.68
5.15.0-1063.68
ubuntu/linux-kvm<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-kvm<4.4.0-1135.145
4.4.0-1135.145
ubuntu/linux-laptop<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-lowlatency<5.15.0-117.127
5.15.0-117.127
ubuntu/linux-lowlatency<6.8.0-35.35.1
6.8.0-35.35.1
ubuntu/linux-lowlatency<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-lowlatency-hwe-5.15<5.15.0-117.127~20.04.1
5.15.0-117.127~20.04.1
ubuntu/linux-lowlatency-hwe-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-lowlatency-hwe-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-lts-xenial<4.4.0-257.291~14.04.1
4.4.0-257.291~14.04.1
ubuntu/linux-lts-xenial<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-nvidia<5.15.0-1061.62
5.15.0-1061.62
ubuntu/linux-nvidia<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-nvidia-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-nvidia-6.8<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-nvidia-lowlatency<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-oem-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-oem-6.8<6.8.0-1006.6
6.8.0-1006.6
ubuntu/linux-oem-6.8<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-oracle<4.15.0-1133.144
4.15.0-1133.144
ubuntu/linux-oracle<5.15.0-1064.70
5.15.0-1064.70
ubuntu/linux-oracle<6.8.0-1006.6
6.8.0-1006.6
ubuntu/linux-oracle<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-oracle<4.15.0-1133.144~16.04.1
4.15.0-1133.144~16.04.1
ubuntu/linux-oracle-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-oracle-5.4<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-oracle-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-raspi<5.15.0-1059.62
5.15.0-1059.62
ubuntu/linux-raspi<6.8.0-1005.5
6.8.0-1005.5
ubuntu/linux-raspi<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-raspi-5.4<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-riscv<6.8.0-35.35.1
6.8.0-35.35.1
ubuntu/linux-riscv<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-riscv-5.15<5.15.0-1062.66~20.04.1
5.15.0-1062.66~20.04.1
ubuntu/linux-riscv-5.15<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-riscv-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-starfive<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-starfive-6.5<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2
ubuntu/linux-xilinx-zynqmp<6.9~<5.15.<6.8.2
6.9~
5.15.
6.8.2

Remedy

https://git.kernel.org/linus/2e07e8348ea454615e268222ae3fc240421be768

Remedy

https://git.kernel.org/linus/f7b94bdc1ec107c92262716b073b3e816d4784fb

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203