蓝牙:RFCOMM:修复 rfcomm_sk_state_change 中可能出现的死锁(CVE-2024-50044)

admin 2024-10-25 00:42:53 Ali_nvd 来源:ZONE.CI 全球网 0 阅读模式
蓝牙:RFCOMM:修复 rfcomm_sk_state_change 中可能出现的死锁(CVE-2024-50044)

CVE编号

CVE-2024-50044

利用情况

暂无

补丁情况

N/A

披露时间

2024-10-22
漏洞描述
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it causing the following trace: ====================================================== WARNING: possible circular locking dependency detected 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted ------------------------------------------------------ syz-executor386/5093 is trying to acquire lock: ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline] ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73 but task is already holding lock: ffff88807badfd28 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接
https://git.kernel.org/stable/c/08d1914293dae38350b8088980e59fbc699a72fe
https://git.kernel.org/stable/c/38b2d5a57d125e1c17661b8308c0240c4a43b534
https://git.kernel.org/stable/c/496b2ab0fd10f205e08909a125485fdc98843dbe
https://git.kernel.org/stable/c/4cb9807c9b53bf1e5560420d26f319f528b50268
https://git.kernel.org/stable/c/ced98072d3511b232ae1d3347945f35f30c0e303
https://git.kernel.org/stable/c/ef44274dae9b0a90d1a97ce8b242a3b8243a7745
CVSS3评分 N/A
  • 攻击路径 N/A
  • 攻击复杂度 N/A
  • 权限要求 N/A
  • 影响范围 N/A
  • 用户交互 N/A
  • 可用性 N/A
  • 保密性 N/A
  • 完整性 N/A
N/A
CWE-ID 漏洞类型
- avd.aliyun.com
weinxin
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论:0   参与:  0