{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-42141","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-07-29T15:50:41.189Z","datePublished":"2024-07-30T07:46:35.174Z","dateUpdated":"2025-05-04T12:57:46.234Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:57:46.234Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Check socket flag instead of hcon\n\nThis fixes the following Smatch static checker warning:\n\nnet/bluetooth/iso.c:1364 iso_sock_recvmsg()\nerror: we previously assumed 'pi->conn->hcon' could be null (line 1359)\n\nnet/bluetooth/iso.c\n1347 static int iso_sock_recvmsg(struct socket *sock, struct msghdr *msg,\n1348                             size_t len, int flags)\n1349 {\n1350         struct sock *sk = sock->sk;\n1351         struct iso_pinfo *pi = iso_pi(sk);\n1352\n1353         BT_DBG(\"sk %p\", sk);\n1354\n1355         if (test_and_clear_bit(BT_SK_DEFER_SETUP,\n                                      &bt_sk(sk)->flags)) {\n1356                 lock_sock(sk);\n1357                 switch (sk->sk_state) {\n1358                 case BT_CONNECT2:\n1359                         if (pi->conn->hcon &&\n                                     ^^^^^^^^^^^^^^ If ->hcon is NULL\n\n1360                             test_bit(HCI_CONN_PA_SYNC,\n                                         &pi->conn->hcon->flags)) {\n1361                                 iso_conn_big_sync(sk);\n1362                                 sk->sk_state = BT_LISTEN;\n1363                         } else {\n--> 1364                         iso_conn_defer_accept(pi->conn->hcon);\n                                                       ^^^^^^^^^^^^^^\n                                                       then we're toast\n\n1365                                 sk->sk_state = BT_CONFIG;\n1366                         }\n1367                         release_sock(sk);\n1368                         return 0;\n1369                 case BT_CONNECTED:\n1370                         if (test_bit(BT_SK_PA_SYNC,"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/bluetooth/iso.c"],"versions":[{"version":"fbdc4bc47268953c80853489f696e02d61f9a2c6","lessThan":"045669710464a21c67e690ef14698fd71857cb11","status":"affected","versionType":"git"},{"version":"fbdc4bc47268953c80853489f696e02d61f9a2c6","lessThan":"33fabef489169c6db87843ef23351ed0d5e51ad8","status":"affected","versionType":"git"},{"version":"fbdc4bc47268953c80853489f696e02d61f9a2c6","lessThan":"596b6f081336e77764ca35cfeab66d0fcdbe544e","status":"affected","versionType":"git"},{"version":"c03a10bd5b6ccb22921e04bcddc987410df7e7a9","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/bluetooth/iso.c"],"versions":[{"version":"6.6","status":"affected"},{"version":"0","lessThan":"6.6","status":"unaffected","versionType":"semver"},{"version":"6.6.39","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.9.9","lessThanOrEqual":"6.9.*","status":"unaffected","versionType":"semver"},{"version":"6.10","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.39"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.9.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/045669710464a21c67e690ef14698fd71857cb11"},{"url":"https://git.kernel.org/stable/c/33fabef489169c6db87843ef23351ed0d5e51ad8"},{"url":"https://git.kernel.org/stable/c/596b6f081336e77764ca35cfeab66d0fcdbe544e"}],"title":"Bluetooth: ISO: Check socket flag instead of hcon","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T04:54:32.592Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/045669710464a21c67e690ef14698fd71857cb11","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/33fabef489169c6db87843ef23351ed0d5e51ad8","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/596b6f081336e77764ca35cfeab66d0fcdbe544e","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-42141","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T16:15:53.613577Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:34:35.470Z"}}]}}