VDB
CISA-2024-50125
CISA-2024-50125
PUBLISHED
CVSS 7.8 HIGH
Reported by Linux · Published November 5, 2024
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list.
Risk Scores
CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | ba316be1b6a00db7126ed9a39f9bee434a508043, ba316be1b6a00db7126ed9a39f9bee434a508043, ba316be1b6a00db7126ed9a39f9bee434a508043 |
| Linux | Linux | 5.15, 0, 5.15.181 |
| linux | linux_kernel | 5.15, 5.15, 5.15 |
| Linux | Linux | ba316be1b6a00db7126ed9a39f9bee434a508043, ba316be1b6a00db7126ed9a39f9bee434a508043, ba316be1b6a00db7126ed9a39f9bee434a508043 |
Timeline
- Nov 5, 2024 CVE Published
- May 4, 2025 CVE Updated