{"id":"CVE-2024-50124","summary":"Bluetooth: ISO: Fix UAF on iso_sock_timeout","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix UAF on iso_sock_timeout\n\nconn-\u003esk maybe have been unlinked/freed while waiting for iso_conn_lock\nso this checks if the conn-\u003esk is still valid by checking if it part of\niso_sk_list.","modified":"2026-03-20T12:39:35.542724Z","published":"2024-11-05T17:10:52.434Z","related":["ALSA-2024:11486","MGASA-2024-0368","MGASA-2024-0369","SUSE-SU-2024:4314-1","SUSE-SU-2024:4315-1","SUSE-SU-2024:4316-1","SUSE-SU-2024:4318-1","SUSE-SU-2024:4364-1","SUSE-SU-2024:4376-1","SUSE-SU-2024:4387-1","SUSE-SU-2025:02069-1","SUSE-SU-2025:02070-1","SUSE-SU-2025:02071-1","SUSE-SU-2025:02076-1","SUSE-SU-2025:02077-1","SUSE-SU-2025:02106-1","SUSE-SU-2025:02107-1","SUSE-SU-2025:02113-1","SUSE-SU-2025:02116-1","SUSE-SU-2025:02117-1","SUSE-SU-2025:02126-1","SUSE-SU-2025:02127-1","SUSE-SU-2025:02157-1","SUSE-SU-2025:02162-1","SUSE-SU-2025:02171-1","SUSE-SU-2025:20163-1","SUSE-SU-2025:20164-1","SUSE-SU-2025:20246-1","SUSE-SU-2025:20247-1","SUSE-SU-2025:20431-1","SUSE-SU-2025:20435-1","SUSE-SU-2025:20436-1","SUSE-SU-2025:20437-1","SUSE-SU-2025:20448-1","SUSE-SU-2025:20450-1","USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50124.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/14bcb721d241e62fdd18f6f434a2ed2ab6e71a9b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/246b435ad668596aa0e2bbb9d491b6413861211a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/876ac72d535fa94f4ac57bba651987c6f990f646"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d75aad1d3143ca68cda52ff80ac392e1bbd84325"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50124.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50124"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ccf74f2390d60a2f9a75ef496d2564abb478f46a"},{"fixed":"876ac72d535fa94f4ac57bba651987c6f990f646"},{"fixed":"14bcb721d241e62fdd18f6f434a2ed2ab6e71a9b"},{"fixed":"d75aad1d3143ca68cda52ff80ac392e1bbd84325"},{"fixed":"246b435ad668596aa0e2bbb9d491b6413861211a"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50124.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}