CVE-2024-42141
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-42141
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42141.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-42141
- Downstream
- Related
- Published
- 2024-07-30T08:15:05Z
- Modified
- 2024-12-11T15:17:03Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: ISO: Check socket flag instead of hcon
This fixes the following Smatch static checker warning:
net/bluetooth/iso.c:1364 isosockrecvmsg() error: we previously assumed 'pi->conn->hcon' could be null (line 1359)
net/bluetooth/iso.c 1347 static int isosockrecvmsg(struct socket *sock, struct msghdr *msg, 1348 sizet len, int flags) 1349 { 1350 struct sock *sk = sock->sk; 1351 struct isopinfo *pi = isopi(sk); 1352 1353 BTDBG("sk %p", sk); 1354 1355 if (testandclearbit(BTSKDEFERSETUP, &btsk(sk)->flags)) { 1356 locksock(sk); 1357 switch (sk->skstate) { 1358 case BTCONNECT2: 1359 if (pi->conn->hcon && ^^^^^^^^^^^^^^ If ->hcon is NULL
1360 testbit(HCICONNPASYNC, &pi->conn->hcon->flags)) { 1361 isoconnbigsync(sk); 1362 sk->skstate = BTLISTEN; 1363 } else { --> 1364 isoconndeferaccept(pi->conn->hcon); ^^^^^^^^^^^^^^ then we're toast
1365 sk->skstate = BTCONFIG; 1366 } 1367 releasesock(sk); 1368 return 0; 1369 case BTCONNECTED: 1370 if (testbit(BTSKPASYNC,
- References
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source