CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
First published: Mon Oct 21 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed If mgmt_index_removed is called while there are commands queued on cmd_sync it could lead to crashes like the bellow trace: 0x0000053D: __list_del_entry_valid_or_report+0x98/0xdc 0x0000053D: mgmt_pending_remove+0x18/0x58 [bluetooth] 0x0000053E: mgmt_remove_adv_monitor_complete+0x80/0x108 [bluetooth] 0x0000053E: hci_cmd_sync_work+0xbc/0x164 [bluetooth] So while handling mgmt_index_removed this attempts to dequeue commands passed as user_data to cmd_sync.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | >=6.0<6.6.55 | |
| Linux Kernel | >=6.7<6.10.14 | |
| Linux Kernel | >=6.11<6.11.3 | |
| Linux Kernel | =6.12-rc1 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/19b40ca62607cef78369549d1af091f2fd558931
- https://git.kernel.org/stable/c/4883296505aa7e4863c6869b689afb6005633b23
- https://git.kernel.org/stable/c/0cc47233af35fb5f10b5e6a027cb4ccd480caf9a
- https://git.kernel.org/stable/c/8c3f7943a29145d8a2d8e24893762f7673323eae
- https://git.kernel.org/stable/c/f53e1c9c726d83092167f2226f32bd3b73f26c21
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49951
- https://nvd.nist.gov/vuln/detail/CVE-2024-49951
- https://launchpad.net/bugs/cve/CVE-2024-49951
- https://security-tracker.debian.org/tracker/CVE-2024-49951
- https://ubuntu.com/security/CVE-2024-49951
- https://git.kernel.org/linus/f53e1c9c726d83092167f2226f32bd3b73f26c21
Frequently Asked Questions
What is the severity of CVE-2024-49951?
CVE-2024-49951 has not been assigned a specific severity rating, but it poses a risk of crashes in the Linux kernel.
How do I fix CVE-2024-49951?
To fix CVE-2024-49951, update your Linux kernel to a version that includes the patch addressing this vulnerability.
Which versions of the Linux kernel are affected by CVE-2024-49951?
CVE-2024-49951 affects Linux kernel versions between 6.0 and 6.6.55, 6.7 to 6.10.14, 6.11 to 6.11.3, and the exact version 6.12-rc1.
What are the symptoms of CVE-2024-49951?
Symptoms of CVE-2024-49951 may include unexpected crashes in systems using affected Linux kernel versions.
Is CVE-2024-49951 exploitable?
CVE-2024-49951 can potentially be exploited if the mgmt_index_removed function is called while commands are queued, leading to instability.
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- agent/remedy
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/usn-cve
- source/Ubuntu
- collector/launchpad-cve
- source/Launchpad
- collector/nvd-cve
- collector/security-tracker-debian
- source/Debian
- agent/source
- agent/references
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- vendor/linux
- canonical/linux kernel
- version/linux kernel/6.0
- version/linux kernel/6.7
- version/linux kernel/6.11
- version/linux kernel/6.12-rc1
- package-manager/debian