{"id":"CVE-2024-58009","summary":"Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.","modified":"2026-05-18T05:57:21.139674545Z","published":"2025-02-27T02:12:04.637Z","related":["SUSE-SU-2025:01600-1","SUSE-SU-2025:01919-1","SUSE-SU-2025:1177-1","SUSE-SU-2025:1178-1","SUSE-SU-2025:1180-1","SUSE-SU-2025:20190-1","SUSE-SU-2025:20192-1","SUSE-SU-2025:20260-1","SUSE-SU-2025:20270-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58009.json"},"references":[{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"},{"type":"WEB","url":"https://git.kernel.org/stable/c/245d48c1ba3e7a1779c2f4cbc6f581ddc8a78e22"},{"type":"WEB","url":"https://git.kernel.org/stable/c/297ce7f544aa675b0d136d788cad0710cdfb0785"},{"type":"WEB","url":"https://git.kernel.org/stable/c/49c0d55d59662430f1829ae85b969619573d0fa1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5f397409f8ee5bc82901eeaf799e1cbc4f8edcf1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/691218a50c3139f7f57ffa79fb89d932eda9571e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8e605f580a97530e5a3583beea458a3fa4cbefbd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a9a7672fc1a0fe18502493936ccb06413ab89ea6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cf601a24120c674cd7c907ea695f92617af6abd0"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58009.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58009"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f6ad641646b67f29c7578dcd6c25813c7dcbf51e"},{"fixed":"a9a7672fc1a0fe18502493936ccb06413ab89ea6"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"daa13175a6dea312a76099066cb4cbd4fc959a84"},{"fixed":"8e605f580a97530e5a3583beea458a3fa4cbefbd"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a8677028dd5123e5e525b8195483994d87123de4"},{"fixed":"cf601a24120c674cd7c907ea695f92617af6abd0"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"bb2f2342a6ddf7c04f9aefbbfe86104cd138e629"},{"fixed":"297ce7f544aa675b0d136d788cad0710cdfb0785"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"8ad09ddc63ace3950ac43db6fbfe25b40f589dd6"},{"fixed":"245d48c1ba3e7a1779c2f4cbc6f581ddc8a78e22"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"61686abc2f3c2c67822aa23ce6f160467ec83d35"},{"fixed":"691218a50c3139f7f57ffa79fb89d932eda9571e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7c4f78cdb8e7501e9f92d291a7d956591bf73be9"},{"fixed":"49c0d55d59662430f1829ae85b969619573d0fa1"},{"fixed":"5f397409f8ee5bc82901eeaf799e1cbc4f8edcf1"}]}],"versions":["v5.4.290","v5.4.289","v5.4.288","v5.4.287","v5.10.234","v5.10.233","v5.10.232","v5.10.231","v5.15.178","v5.15.177","v5.15.176","v5.15.175","v5.15.174","v6.1.128","v6.1.127","v6.1.126","v6.1.125","v6.1.124","v6.1.123","v6.1.122","v6.1.121","v6.1.120","v6.6.77","v6.6.76","v6.6.75","v6.6.74","v6.6.73","v6.6.72","v6.6.71","v6.6.70","v6.6.69","v6.6.68","v6.6.67","v6.6.66","v6.12.13","v6.12.12","v6.12.11","v6.12.10","v6.12.9","v6.12.8","v6.12.7","v6.12.6","v6.12.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58009.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.291"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.235"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.179"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.129"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.78"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.14"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.13.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58009.json"}}],"schema_version":"1.7.5"}