CVE-2024-50077

Medium

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix multiple init when debugfs is disabled If bt_debugfs is not created successfully, which happens if either CONFIG_DEBUG_FS or CONFIG_DEBUG_FS_ALLOW_ALL is unset, then iso_init() returns early and does not set iso_inited to true. This means that a subsequent call to iso_init() will result in duplicate calls to proto_register(), bt_sock_register(), etc. With CONFIG_LIST_HARDENED and CONFIG_BUG_ON_DATA_CORRUPTION enabled, the duplicate call to proto_register() triggers this BUG(): list_add double add: new=ffffffffc0b280d0, prev=ffffffffbab56250, next=ffffffffc0b280d0. ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:35! Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 2 PID: 887 Comm: bluetoothd Not tainted 6.10.11-1-ao-desktop #1 RIP: 0010:__list_add_valid_or_report+0x9a/0xa0 ... __list_add_valid_or_report+0x9a/0xa0 proto_register+0x2b5/0x340 iso_init+0x23/0x150 [bluetooth] set_iso_socket_func+0x68/0x1b0 [bluetooth] kmem_cache_free+0x308/0x330 hci_sock_sendmsg+0x990/0x9e0 [bluetooth] __sock_sendmsg+0x7b/0x80 sock_write_iter+0x9a/0x110 do_iter_readv_writev+0x11d/0x220 vfs_writev+0x180/0x3e0 do_writev+0xca/0x100 ... This change removes the early return. The check for iso_debugfs being NULL was unnecessary, it is always NULL when iso_inited is false.

Package Linux Kernel
Published 2024-10-29
Last modified 2025-11-03
CVSS version 3.1
Patch available
Yes

CVSS 3.1 score

5.5

out of 10
Medium
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
High
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected versions

Linux kernel versions 6.0 and later are affected. Fixed in 6.1.114, 6.6.58, 6.11.5, 6.12 and their respective stable series.

Affected from
≥ 6.0
Fixed in
✓ 6.1.114 6.1.x ✓ 6.6.58 6.6.x ✓ 6.11.5 6.11.x ✓ 6.12

References

The following references provide additional information about CVE-2024-50077 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

4 patch commits total View all on NVD

Frequently asked questions

  • What is CVE-2024-50077?

    CVE-2024-50077 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . It affects Linux kernel versions from 6.0 onward and has been patched in 6.1.114, 6.6.58, 6.11.5 and others. CVE-2024-50077 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

  • What is the CVSS score for CVE-2024-50077?

    CVE-2024-50077 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H .

  • Is there a patch available for CVE-2024-50077?

    Yes — CVE-2024-50077 has been patched. Fixed versions include 6.1.114, 6.6.58, 6.11.5 and others. If you are running Linux kernel 6.0 or later up to the fix versions, apply the relevant patch for your kernel branch.

  • Is CVE-2024-50077 actively exploited?

    No — CVE-2024-50077 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

Back to
All CVEs
View on
NVD / NIST