#VU98876 Use-after-free in Linux kernel - CVE-2024-49950


Vulnerability identifier: #VU98876

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-49950

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_connect_req() function in net/bluetooth/l2cap_core.c, within the hci_remote_features_evt() function in net/bluetooth/hci_event.c, within the hci_acldata_packet() function in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/b90907696c30172b809aa3dd2f0caffae761e4c6
https://git.kernel.org/stable/c/78d30ce16fdf9c301bcd8b83ce613cea079cea83
https://git.kernel.org/stable/c/a1c6174e23df10b8e5770e82d63bc6e2118a3dc7
https://git.kernel.org/stable/c/333b4fd11e89b29c84c269123f871883a30be586

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for linux-azure-6.8
Ubuntu update for linux-azure
Ubuntu update for linux-azure-5.15
Ubuntu update for linux-hwe-5.15
Ubuntu update for linux-hwe-6.8
Dell VxRail Appliance 8.x update for third-party components
Ubuntu update for linux-nvidia-tegra
Ubuntu update for linux-xilinx-zynqmp
Ubuntu update for linux-intel-iot-realtime
Ubuntu update for linux-aws-fips