PT-2024-3620 · Linux+6 · Linux Kernel+6

Tianshu Qiu

·

Publicado

2024-05-03

·

Atualizado

2026-05-25

·

CVE-2024-27398

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Nome do Software Vulnerável e Versões Afetadas Linux kernel (versões afetadas não especificadas)
Descrição Uma condição de corrida na subsistema Bluetooth do kernel Linux pode levar a um problema de use-after-free. Isso ocorre quando uma conexão SCO é estabelecida e o socket SCO é posteriormente liberado; o timeout work é agendado para determinar se a desconexão SCO expirou. O socket é desalocado, mas é referenciado novamente dentro da função sco sock timeout(), resultando no use-after-free. Esta falha pode permitir que um invasor cause a negação de serviço.
Recomendações No momento, não há informações sobre uma versão mais recente que contenha a correção para esta vulnerabilidade.

Exploit

DoS

LPE

Race Condition

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-416

Identificadores relacionados

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2024-03937
CVE-2024-27398
DLA-3840-1
DLA-3843-1
DSA-5703-1
INFSA-2025_6966
LSN-0107-1
LSN-0108-1
OESA-2024-1648
OESA-2024-1650
OESA-2024-1651
OESA-2024-1652
OPENSUSE-SU-2024_2185-1
OPENSUSE-SU-2024_2189-1
OPENSUSE-SU-2024_3623-1
OPENSUSE-SU-2024_3625-1
OPENSUSE-SU-2024_3631-1
OPENSUSE-SU-2024_3632-1
OPENSUSE-SU-2024_3639-1
OPENSUSE-SU-2024_3651-1
OPENSUSE-SU-2024_3652-1
OPENSUSE-SU-2024_3679-1
OPENSUSE-SU-2024_3685-1
OPENSUSE-SU-2024_3694-1
OPENSUSE-SU-2024_3695-1
OPENSUSE-SU-2024_3696-1
OPENSUSE-SU-2024_3697-1
OPENSUSE-SU-2024_3700-1
OPENSUSE-SU-2024_3701-1
OPENSUSE-SU-2024_3710-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3798-1
OPENSUSE-SU-2024_3806-1
OPENSUSE-SU-2024_3814-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3830-1
OPENSUSE-SU-2024_3831-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3851-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_3854-1
OPENSUSE-SU-2024_3855-1
OPENSUSE-SU-2024_3857-1
OPENSUSE-SU-2024_3860-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4124-1
OPENSUSE-SU-2024_4125-1
OPENSUSE-SU-2024_4180-1
OPENSUSE-SU-2024_4207-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4216-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4235-1
OPENSUSE-SU-2024_4236-1
OPENSUSE-SU-2024_4243-1
OPENSUSE-SU-2024_4256-1
OPENSUSE-SU-2024_4264-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2025_0101-1
OPENSUSE-SU-2025_0106-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0114-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0124-1
OPENSUSE-SU-2025_0137-1
OPENSUSE-SU-2025_0146-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0164-1
OPENSUSE-SU-2025_0238-1
OPENSUSE-SU-2025_0240-1
OPENSUSE-SU-2025_0244-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0253-1
OPENSUSE-SU-2025_0254-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0264-1
OPENSUSE-SU-2025_0266-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:1979-1
SUSE-SU-2024:1983-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2010-1
SUSE-SU-2024:2011-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2183-1
SUSE-SU-2024:2184-1
SUSE-SU-2024:2185-1
SUSE-SU-2024:2189-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2719-1
SUSE-SU-2024:2722-1
SUSE-SU-2024:2723-1
SUSE-SU-2024:2724-1
SUSE-SU-2024:2725-1
SUSE-SU-2024:2726-1
SUSE-SU-2024:2734-1
SUSE-SU-2024:2740-1
SUSE-SU-2024:2750-1
SUSE-SU-2024:2751-1
SUSE-SU-2024:2755-1
SUSE-SU-2024:2758-1
SUSE-SU-2024:2759-1
SUSE-SU-2024:2760-1
SUSE-SU-2024:2771-1
SUSE-SU-2024:2773-1
SUSE-SU-2024:2792-1
SUSE-SU-2024:2793-1
SUSE-SU-2024:2815-1
SUSE-SU-2024:2818-1
SUSE-SU-2024:2821-1
SUSE-SU-2024:2822-1
SUSE-SU-2024:2824-1
SUSE-SU-2024:2825-1
SUSE-SU-2024:2827-1
SUSE-SU-2024:2840-1
SUSE-SU-2024:2841-1
SUSE-SU-2024:2843-1
SUSE-SU-2024:2850-1
SUSE-SU-2024:2851-1
SUSE-SU-2024:2852-1
SUSE-SU-2024:2874-1
SUSE-SU-2024:3015-1
SUSE-SU-2024:3034-1
SUSE-SU-2024:3037-1
SUSE-SU-2024:3039-1
SUSE-SU-2024:3043-1
SUSE-SU-2024:3044-1
SUSE-SU-2024:3048-1
SUSE-SU-2024:3318-1
SUSE-SU-2024:3320-1
SUSE-SU-2024:3334-1
SUSE-SU-2024:3336-1
SUSE-SU-2024:3347-1
SUSE-SU-2024:3348-1
SUSE-SU-2024:3349-1
SUSE-SU-2024:3363-1
SUSE-SU-2024:3368-1
SUSE-SU-2024:3370-1
SUSE-SU-2024:3375-1
SUSE-SU-2024:3379-1
SUSE-SU-2024:3399-1
SUSE-SU-2024:3623-1
SUSE-SU-2024:3625-1
SUSE-SU-2024:3631-1
SUSE-SU-2024:3632-1
SUSE-SU-2024:3639-1
SUSE-SU-2024:3642-1
SUSE-SU-2024:3649-1
SUSE-SU-2024:3651-1
SUSE-SU-2024:3652-1
SUSE-SU-2024:3662-1
SUSE-SU-2024:3663-1
SUSE-SU-2024:3679-1
SUSE-SU-2024:3685-1
SUSE-SU-2024:3694-1
SUSE-SU-2024:3695-1
SUSE-SU-2024:3696-1
SUSE-SU-2024:3697-1
SUSE-SU-2024:3700-1
SUSE-SU-2024:3701-1
SUSE-SU-2024:3710-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3796-1
SUSE-SU-2024:3798-1
SUSE-SU-2024:3803-1
SUSE-SU-2024:3806-1
SUSE-SU-2024:3814-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3820-1
SUSE-SU-2024:3821-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3830-1
SUSE-SU-2024:3831-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3849-1
SUSE-SU-2024:3851-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:3854-1
SUSE-SU-2024:3855-1
SUSE-SU-2024:3857-1
SUSE-SU-2024:3860-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4124-1
SUSE-SU-2024:4125-1
SUSE-SU-2024:4180-1
SUSE-SU-2024:4207-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4216-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4226-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4235-1
SUSE-SU-2024:4236-1
SUSE-SU-2024:4242-1
SUSE-SU-2024:4243-1
SUSE-SU-2024:4249-1
SUSE-SU-2024:4250-1
SUSE-SU-2024:4256-1
SUSE-SU-2024:4263-1
SUSE-SU-2024:4264-1
SUSE-SU-2024:4266-1
SUSE-SU-2025:0091-1
SUSE-SU-2025:0101-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0106-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0114-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0124-1
SUSE-SU-2025:0137-1
SUSE-SU-2025:0146-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0164-1
SUSE-SU-2025:0238-1
SUSE-SU-2025:0240-1
SUSE-SU-2025:0244-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0253-1
SUSE-SU-2025:0254-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0264-1
SUSE-SU-2025:0266-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1
USN-6949-1
USN-6949-2
USN-6950-1
USN-6950-2
USN-6950-3
USN-6950-4
USN-6951-1
USN-6951-2
USN-6951-3
USN-6951-4
USN-6952-1
USN-6952-2
USN-6953-1
USN-6955-1
USN-6956-1
USN-6957-1
USN-6979-1
USN-7019-1
USN-7028-1
USN-7028-2

Produtos afetados

Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu