CVE-2024-50148

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61

Description: The issue is related to a wild-memory-access in the proto unregister function of the Bluetooth BNEP module. The problem occurs because bnep init() ignores the return value of bnep sock init(), which cleans up all resources. When the bnep module is removed, bnep sock cleanup() is called to clean up the socket's resources, leading to a potential wild-memory-access. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations: For Linux kernel versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider modifying the bnep exit() function to return the return value of bnep sock init() to prevent the wild-memory-access. Restrict access to the vulnerable BNEP module to minimize the risk of exploitation. Avoid using the BNEP module until the issue is resolved.