CVE-2024-50125
📋 TL;DR
This CVE describes a use-after-free vulnerability in the Linux kernel's Bluetooth SCO (Synchronous Connection-Oriented) subsystem. An attacker could potentially exploit this to cause a kernel crash (denial of service) or possibly execute arbitrary code with kernel privileges. All systems running affected Linux kernel versions with Bluetooth functionality are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, or potential arbitrary code execution with kernel privileges resulting in complete system compromise.
Likely Case
System crash or kernel panic causing denial of service, requiring a reboot to restore functionality.
If Mitigated
Limited impact if Bluetooth is disabled or the system is not using SCO connections.
🎯 Exploit Status
Exploitation requires local access or Bluetooth proximity. The vulnerability involves race conditions during socket cleanup, making reliable exploitation challenging.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check kernel commit references for specific patched versions
Vendor Advisory: https://git.kernel.org/stable/c/1bf4470a3939c678fb822073e9ea77a0560bc6bb
Restart Required: Yes
Instructions:
1. Update Linux kernel to a version containing the fix commits. 2. Check your distribution's security advisories for specific patched kernel versions. 3. Reboot the system after kernel update.
🔧 Temporary Workarounds
Disable Bluetooth
linuxCompletely disable Bluetooth functionality to prevent exploitation
sudo systemctl stop bluetooth
sudo systemctl disable bluetooth
sudo rfkill block bluetooth
Disable SCO connections
linuxPrevent SCO connections if Bluetooth must remain enabled
sudo modprobe -r btusb
sudo modprobe btusb disable_scofix=1
🧯 If You Can't Patch
- Disable Bluetooth functionality entirely if not required
- Implement strict access controls to limit local user access to systems
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare against patched versions in kernel commit references. Vulnerable if running affected kernel with Bluetooth enabled.Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated to include fix commits. Check that Bluetooth functionality still works properly after patch.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- Bluetooth subsystem crash logs
- System crash/reboot events
Network Indicators:
- Unusual Bluetooth connection attempts
- SCO connection failures
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "general protection fault") AND "bluetooth"🔗 References
- https://git.kernel.org/stable/c/1bf4470a3939c678fb822073e9ea77a0560bc6bb
- https://git.kernel.org/stable/c/74a466a15731a754bcd8b5a83c126b5122e15a45
- https://git.kernel.org/stable/c/80b05fbfa998480fb3d5299d93eab946f51e9c36
- https://git.kernel.org/stable/c/9ddda5d967e84796e7df1b54a55f36b4b9f21079
- https://git.kernel.org/stable/c/d30803f6a972b5b9e26d1d43b583c7ec151de04b
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
