cve/2024/CVE-2024-56605.md

CVE-2024-56605

Description

In the Linux kernel, the following vulnerability has been resolved:Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()bt_sock_alloc() allocates the sk object and attaches it to the providedsock object. On error l2cap_sock_alloc() frees the sk object, but thedangling pointer is still attached to the sock object, which may createuse-after-free in other code.

POC

Reference

No PoCs from references.

Github

• https://github.com/cku-heise/euvd-api-doc
• https://github.com/w4zu/Debian_security