CVE-2024-49951
Published: Oct 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: MGMT: Fix possible crash on mgmt_index_removed

If mgmt_index_removed is called while there are commands queued on cmd_sync it could lead to crashes like the below trace:

    0x0000053D: __list_del_entry_valid_or_report+0x98/0xdc
    0x0000053D: mgmt_pending_remove+0x18/0x58 [bluetooth]
    0x0000053E: mgmt_remove_adv_monitor_complete+0x80/0x108 [bluetooth]
    0x0000053E: hci_cmd_sync_work+0xbc/0x164 [bluetooth]

So while handling mgmt_index_removed this attempts to dequeue commands passed as user_data to cmd_sync.

| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 7cf5c2978f23fdbb2dd7b4e8b07e362ae2d8211c - < 19b40ca62607cef78369549d1af091f2fd558931; affected 7cf5c2978f23fdbb2dd7b4e8b07e362ae2d8211c - < 4883296505aa7e4863c6869b689afb6005633b23; affected 7cf5c2978f23fdbb2dd7b4e8b07e362ae2d8211c - < 0cc47233af35fb5f10b5e6a027cb4ccd480caf9a; affected 7cf5c2978f23fdbb2dd7b4e8b07e362ae2d8211c - < 8c3f7943a29145d8a2d8e24893762f7673323eae; affected 7cf5c2978f23fdbb2dd7b4e8b07e362ae2d8211c - < f53e1c9c726d83092167f2226f32bd3b73f26c21 |
| Linux | Linux | affected 6.0; unaffected 0 - < 6.0; unaffected 6.1.120 - <= 6.1.*; unaffected 6.6.55 - <= 6.6.*; unaffected 6.10.14 - <= 6.10.*; +2 more versions |