{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T07:05:14.207","vulnerabilities":[{"cve":{"id":"CVE-2024-42141","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-07-30T08:15:05.917","lastModified":"2024-12-11T15:17:03.930","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Check socket flag instead of hcon\n\nThis fixes the following Smatch static checker warning:\n\nnet/bluetooth/iso.c:1364 iso_sock_recvmsg()\nerror: we previously assumed 'pi->conn->hcon' could be null (line 1359)\n\nnet/bluetooth/iso.c\n1347 static int iso_sock_recvmsg(struct socket *sock, struct msghdr *msg,\n1348 size_t len, int flags)\n1349 {\n1350 struct sock *sk = sock->sk;\n1351 struct iso_pinfo *pi = iso_pi(sk);\n1352\n1353 BT_DBG(\"sk %p\", sk);\n1354\n1355 if (test_and_clear_bit(BT_SK_DEFER_SETUP,\n &bt_sk(sk)->flags)) {\n1356 lock_sock(sk);\n1357 switch (sk->sk_state) {\n1358 case BT_CONNECT2:\n1359 if (pi->conn->hcon &&\n ^^^^^^^^^^^^^^ If ->hcon is NULL\n\n1360 test_bit(HCI_CONN_PA_SYNC,\n &pi->conn->hcon->flags)) {\n1361 iso_conn_big_sync(sk);\n1362 sk->sk_state = BT_LISTEN;\n1363 } else {\n--> 1364 iso_conn_defer_accept(pi->conn->hcon);\n ^^^^^^^^^^^^^^\n then we're toast\n\n1365 sk->sk_state = BT_CONFIG;\n1366 }\n1367 release_sock(sk);\n1368 return 0;\n1369 case BT_CONNECTED:\n1370 if (test_bit(BT_SK_PA_SYNC,"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: ISO: Verifique el indicador de socket en lugar de hcon. Esto corrige la siguiente advertencia del verificador estático de Smatch: net/bluetooth/iso.c:1364 iso_sock_recvmsg() error: previamente asumimos 'pi ->conn->hcon' podría ser nulo (línea 1359) net/bluetooth/iso.c 1347 static int iso_sock_recvmsg(struct socket *sock, struct msghdr *msg, 1348 size_t len, int flags) 1349 { 1350 struct sock *sk = calcetín->sk; 1351 estructura iso_pinfo *pi = iso_pi(sk); 1352 1353 BT_DBG(\"sk%p\",sk); 1354 1355 if (test_and_clear_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 1356 lock_sock(sk); 1357 interruptor (sk->sk_state) { 1358 caso BT_CONNECT2: 1359 si (pi->conn->hcon && ^^^^^^^^^^^^^^ Si ->hcon es NULL 1360 test_bit(HCI_CONN_PA_SYNC, &pi ->conn->hcon->flags)) { 1361 iso_conn_big_sync(sk); 1362 sk->sk_state = BT_LISTEN; 1363 } else { --> 1364 iso_conn_defer_accept(pi->conn->hcon); ^^^^^^^^^^^^^^ entonces estamos 1365 sk->sk_state = BT_CONFIG; 1366 } 1367 liberación_sock(sk); 1368 devuelve 0; 1369 caso BT_CONNECTED: 1370 si (test_bit(BT_SK_PA_SYNC,"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.12","versionEndExcluding":"6.6","matchCriteriaId":"AFD63F94-BD00-4EF2-9873-45E8DED18B9A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.39","matchCriteriaId":"00F6F32E-C522-4E2D-BA6B-B110CFD4B83F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.9.9","matchCriteriaId":"ADCC1407-0CB3-4C8F-B4C5-07F682CD7085"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*","matchCriteriaId":"2EBB4392-5FA6-4DA9-9772-8F9C750109FA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.10:rc2:*:*:*:*:*:*","matchCriteriaId":"331C2F14-12C7-45D5-893D-8C52EE38EA10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.10:rc3:*:*:*:*:*:*","matchCriteriaId":"3173713D-909A-4DD3-9DD4-1E171EB057EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.10:rc4:*:*:*:*:*:*","matchCriteriaId":"79F18AFA-40F7-43F0-BA30-7BDB65F918B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.10:rc5:*:*:*:*:*:*","matchCriteriaId":"BD973AA4-A789-49BD-8D57-B2846935D3C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.10:rc6:*:*:*:*:*:*","matchCriteriaId":"8F3E9E0C-AC3E-4967-AF80-6483E8AB0078"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/045669710464a21c67e690ef14698fd71857cb11","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/33fabef489169c6db87843ef23351ed0d5e51ad8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/596b6f081336e77764ca35cfeab66d0fcdbe544e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/045669710464a21c67e690ef14698fd71857cb11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/33fabef489169c6db87843ef23351ed0d5e51ad8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/596b6f081336e77764ca35cfeab66d0fcdbe544e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}