CVE-2024-50044
Published: Oct 21, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it causing the following trace: ====================================================== WARNING: possible circular locking dependency detected 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted ------------------------------------------------------ syz-executor386/5093 is trying to acquire lock: ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline] ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73 but task is already holding lock: ffff88807badfd28 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 3241ad820dbb172021e0268b5611031991431626 - < b77b3fb12fd483cae7c28648903b1d8a6b275f01affected 3241ad820dbb172021e0268b5611031991431626 - < 869c6ee62ab8f01bf2419e45326642be5c9b670aaffected 3241ad820dbb172021e0268b5611031991431626 - < ef44274dae9b0a90d1a97ce8b242a3b8243a7745affected 3241ad820dbb172021e0268b5611031991431626 - < 496b2ab0fd10f205e08909a125485fdc98843dbeaffected 3241ad820dbb172021e0268b5611031991431626 - < ced98072d3511b232ae1d3347945f35f30c0e303+3 more versions |
Linux | Linux | affected 2.6.27unaffected 0 - < 2.6.27unaffected 4.19.323 - <= 4.19.*unaffected 5.4.285 - <= 5.4.*unaffected 5.10.227 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now