{"id":"AZL-53316","summary":"CVE-2024-50148 affecting package kernel for versions less than 6.6.64.2-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere's issue as follows:\n  KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n  CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G        W\n  RIP: 0010:proto_unregister+0xee/0x400\n  Call Trace:\n   \u003cTASK\u003e\n   __do_sys_delete_module+0x318/0x580\n   do_syscall_64+0xc1/0x1d0\n   entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()'s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock's resource.\nTo solve above issue just return bnep_sock_init()'s return value in\nbnep_exit().","modified":"2026-04-01T05:18:01.141693Z","published":"2024-11-07T10:15:06Z","upstream":["CVE-2024-50148"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50148"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.6.64.2-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-53316.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}