{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-54460", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-01-09T09:51:32.434Z", "datePublished": "2025-01-11T12:29:53.553Z", "dateUpdated": "2026-05-11T20:53:50.234Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:53:50.234Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_listen_bis\n\nThis fixes the circular locking dependency warning below, by\nreleasing the socket lock before enterning iso_listen_bis, to\navoid any potential deadlock with hdev lock.\n\n[ 75.307983] ======================================================\n[ 75.307984] WARNING: possible circular locking dependency detected\n[ 75.307985] 6.12.0-rc6+ #22 Not tainted\n[ 75.307987] ------------------------------------------------------\n[ 75.307987] kworker/u81:2/2623 is trying to acquire lock:\n[ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO)\n at: iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308021]\n but task is already holding lock:\n[ 75.308022] ffff8fdd61a10078 (&hdev->lock)\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308053]\n which lock already depends on the new lock.\n\n[ 75.308054]\n the existing dependency chain (in reverse order) is:\n[ 75.308055]\n -> #1 (&hdev->lock){+.+.}-{3:3}:\n[ 75.308057] __mutex_lock+0xad/0xc50\n[ 75.308061] mutex_lock_nested+0x1b/0x30\n[ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth]\n[ 75.308085] __sys_listen_socket+0x49/0x60\n[ 75.308088] __x64_sys_listen+0x4c/0x90\n[ 75.308090] x64_sys_call+0x2517/0x25f0\n[ 75.308092] do_syscall_64+0x87/0x150\n[ 75.308095] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 75.308098]\n -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 75.308100] __lock_acquire+0x155e/0x25f0\n[ 75.308103] lock_acquire+0xc9/0x300\n[ 75.308105] lock_sock_nested+0x32/0x90\n[ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth]\n[ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth]\n[ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth]\n[ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth]\n[ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth]\n[ 75.308254] process_one_work+0x212/0x740\n[ 75.308256] worker_thread+0x1bd/0x3a0\n[ 75.308258] kthread+0xe4/0x120\n[ 75.308259] ret_from_fork+0x44/0x70\n[ 75.308261] ret_from_fork_asm+0x1a/0x30\n[ 75.308263]\n other info that might help us debug this:\n\n[ 75.308264] Possible unsafe locking scenario:\n\n[ 75.308264] CPU0 CPU1\n[ 75.308265] ---- ----\n[ 75.308265] lock(&hdev->lock);\n[ 75.308267] lock(sk_lock-\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308268] lock(&hdev->lock);\n[ 75.308269] lock(sk_lock-AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308270]\n *** DEADLOCK ***\n\n[ 75.308271] 4 locks held by kworker/u81:2/2623:\n[ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0},\n at: process_one_work+0x443/0x740\n[ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)),\n at: process_one_work+0x1ce/0x740\n[ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3}\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2},\n at: hci_connect_cfm+0x29/0x190 [bluetooth]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/bluetooth/iso.c"], "versions": [{"version": "02171da6e86a73e1b343b36722f5d9d5c04b3539", "lessThan": "c541d7b5e17987ed330798b07d4ad508859c1c93", "status": "affected", "versionType": "git"}, {"version": "02171da6e86a73e1b343b36722f5d9d5c04b3539", "lessThan": "168e28305b871d8ec604a8f51f35467b8d7ba05b", "status": "affected", "versionType": "git"}, {"version": "a6c3af0a620082d191dabc69c4925b3e6c26dd48", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/bluetooth/iso.c"], "versions": [{"version": "6.9", "status": "affected"}, {"version": "0", "lessThan": "6.9", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.6", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.9", "versionEndExcluding": "6.12.6"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.9", "versionEndExcluding": "6.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.8.12"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c541d7b5e17987ed330798b07d4ad508859c1c93"}, {"url": "https://git.kernel.org/stable/c/168e28305b871d8ec604a8f51f35467b8d7ba05b"}], "title": "Bluetooth: iso: Fix circular lock in iso_listen_bis", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-54460", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T19:55:30.634283Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-667", "description": "CWE-667 Improper Locking"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T19:57:21.713Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-54460", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T19:55:30.634283Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-667", "description": "CWE-667 Improper Locking"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T15:53:00.992Z"}}], "cna": {"title": "Bluetooth: iso: Fix circular lock in iso_listen_bis", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "02171da6e86a73e1b343b36722f5d9d5c04b3539", "lessThan": "c541d7b5e17987ed330798b07d4ad508859c1c93", "versionType": "git"}, {"status": "affected", "version": "02171da6e86a73e1b343b36722f5d9d5c04b3539", "lessThan": "168e28305b871d8ec604a8f51f35467b8d7ba05b", "versionType": "git"}, {"status": "affected", "version": "a6c3af0a620082d191dabc69c4925b3e6c26dd48", "versionType": "git"}], "programFiles": ["net/bluetooth/iso.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.9"}, {"status": "unaffected", "version": "0", "lessThan": "6.9", "versionType": "semver"}, {"status": "unaffected", "version": "6.12.6", "versionType": "semver", "lessThanOrEqual": "6.12.*"}, {"status": "unaffected", "version": "6.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/bluetooth/iso.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/c541d7b5e17987ed330798b07d4ad508859c1c93"}, {"url": "https://git.kernel.org/stable/c/168e28305b871d8ec604a8f51f35467b8d7ba05b"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_listen_bis\n\nThis fixes the circular locking dependency warning below, by\nreleasing the socket lock before enterning iso_listen_bis, to\navoid any potential deadlock with hdev lock.\n\n[ 75.307983] ======================================================\n[ 75.307984] WARNING: possible circular locking dependency detected\n[ 75.307985] 6.12.0-rc6+ #22 Not tainted\n[ 75.307987] ------------------------------------------------------\n[ 75.307987] kworker/u81:2/2623 is trying to acquire lock:\n[ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO)\n at: iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308021]\n but task is already holding lock:\n[ 75.308022] ffff8fdd61a10078 (&hdev->lock)\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308053]\n which lock already depends on the new lock.\n\n[ 75.308054]\n the existing dependency chain (in reverse order) is:\n[ 75.308055]\n -> #1 (&hdev->lock){+.+.}-{3:3}:\n[ 75.308057] __mutex_lock+0xad/0xc50\n[ 75.308061] mutex_lock_nested+0x1b/0x30\n[ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth]\n[ 75.308085] __sys_listen_socket+0x49/0x60\n[ 75.308088] __x64_sys_listen+0x4c/0x90\n[ 75.308090] x64_sys_call+0x2517/0x25f0\n[ 75.308092] do_syscall_64+0x87/0x150\n[ 75.308095] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 75.308098]\n -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 75.308100] __lock_acquire+0x155e/0x25f0\n[ 75.308103] lock_acquire+0xc9/0x300\n[ 75.308105] lock_sock_nested+0x32/0x90\n[ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth]\n[ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth]\n[ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth]\n[ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth]\n[ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth]\n[ 75.308254] process_one_work+0x212/0x740\n[ 75.308256] worker_thread+0x1bd/0x3a0\n[ 75.308258] kthread+0xe4/0x120\n[ 75.308259] ret_from_fork+0x44/0x70\n[ 75.308261] ret_from_fork_asm+0x1a/0x30\n[ 75.308263]\n other info that might help us debug this:\n\n[ 75.308264] Possible unsafe locking scenario:\n\n[ 75.308264] CPU0 CPU1\n[ 75.308265] ---- ----\n[ 75.308265] lock(&hdev->lock);\n[ 75.308267] lock(sk_lock-\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308268] lock(&hdev->lock);\n[ 75.308269] lock(sk_lock-AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308270]\n *** DEADLOCK ***\n\n[ 75.308271] 4 locks held by kworker/u81:2/2623:\n[ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0},\n at: process_one_work+0x443/0x740\n[ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)),\n at: process_one_work+0x1ce/0x740\n[ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3}\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2},\n at: hci_connect_cfm+0x29/0x190 [bluetooth]"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.12.6", "versionStartIncluding": "6.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.13", "versionStartIncluding": "6.9"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "6.8.12"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T13:00:50.023Z"}}}, "cveMetadata": {"cveId": "CVE-2024-54460", "state": "PUBLISHED", "dateUpdated": "2025-10-01T19:57:21.713Z", "dateReserved": "2025-01-09T09:51:32.434Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2025-01-11T12:29:53.553Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C6C7E91-EB56-47C5-AB8F-8E569B8E5D4C", "versionEndExcluding": "6.12.6", "versionStartIncluding": "6.8.12", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:*", "matchCriteriaId": "62567B3C-6CEE-46D0-BC2E-B3717FBF7D13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:*", "matchCriteriaId": "5A073481-106D-4B15-B4C7-FB0213B8E1D4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: iso: Fix circular lock in iso_listen_bis\n\nThis fixes the circular locking dependency warning below, by\nreleasing the socket lock before enterning iso_listen_bis, to\navoid any potential deadlock with hdev lock.\n\n[ 75.307983] ======================================================\n[ 75.307984] WARNING: possible circular locking dependency detected\n[ 75.307985] 6.12.0-rc6+ #22 Not tainted\n[ 75.307987] ------------------------------------------------------\n[ 75.307987] kworker/u81:2/2623 is trying to acquire lock:\n[ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO)\n at: iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308021]\n but task is already holding lock:\n[ 75.308022] ffff8fdd61a10078 (&hdev->lock)\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308053]\n which lock already depends on the new lock.\n\n[ 75.308054]\n the existing dependency chain (in reverse order) is:\n[ 75.308055]\n -> #1 (&hdev->lock){+.+.}-{3:3}:\n[ 75.308057] __mutex_lock+0xad/0xc50\n[ 75.308061] mutex_lock_nested+0x1b/0x30\n[ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth]\n[ 75.308085] __sys_listen_socket+0x49/0x60\n[ 75.308088] __x64_sys_listen+0x4c/0x90\n[ 75.308090] x64_sys_call+0x2517/0x25f0\n[ 75.308092] do_syscall_64+0x87/0x150\n[ 75.308095] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 75.308098]\n -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 75.308100] __lock_acquire+0x155e/0x25f0\n[ 75.308103] lock_acquire+0xc9/0x300\n[ 75.308105] lock_sock_nested+0x32/0x90\n[ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth]\n[ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth]\n[ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth]\n[ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth]\n[ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth]\n[ 75.308254] process_one_work+0x212/0x740\n[ 75.308256] worker_thread+0x1bd/0x3a0\n[ 75.308258] kthread+0xe4/0x120\n[ 75.308259] ret_from_fork+0x44/0x70\n[ 75.308261] ret_from_fork_asm+0x1a/0x30\n[ 75.308263]\n other info that might help us debug this:\n\n[ 75.308264] Possible unsafe locking scenario:\n\n[ 75.308264] CPU0 CPU1\n[ 75.308265] ---- ----\n[ 75.308265] lock(&hdev->lock);\n[ 75.308267] lock(sk_lock-\n AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308268] lock(&hdev->lock);\n[ 75.308269] lock(sk_lock-AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308270]\n *** DEADLOCK ***\n\n[ 75.308271] 4 locks held by kworker/u81:2/2623:\n[ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0},\n at: process_one_work+0x443/0x740\n[ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)),\n at: process_one_work+0x1ce/0x740\n[ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3}\n at: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2},\n at: hci_connect_cfm+0x29/0x190 [bluetooth]"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: iso: Corregir bloqueo circular en iso_listen_bis Esto corrige la advertencia de dependencia de bloqueo circular a continuaci\u00f3n, liberando el bloqueo del socket antes de ingresar a iso_listen_bis, para evitar cualquier posible bloqueo con el bloqueo hdev. [ 75.307983] ========================================================= [ 75.307984] ADVERTENCIA: posible dependencia de bloqueo circular detectada [ 75.307985] 6.12.0-rc6+ #22 No contaminado [ 75.307987] ------------------------------------------------------ [ 75.307987] kworker/u81:2/2623 est\u00e1 intentando adquirir el bloqueo: [ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO) en: iso_connect_cfm+0x253/0x840 [bluetooth] [ 75.308021] pero la tarea ya tiene el bloqueo: [ 75.308022] ffff8fdd61a10078 (&hdev->lock) en: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth] [ 75.308053] cuyo bloqueo ya depende del nuevo bloqueo. [ 75.308054] la cadena de dependencia existente (en orden inverso) es: [ 75.308055] -> #1 (&hdev->lock){+.+.}-{3:3}: [ 75.308057] __mutex_lock+0xad/0xc50 [ 75.308061] mutex_lock_nested+0x1b/0x30 [ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth] [ 75.308085] __sys_listen_socket+0x49/0x60 [ 75.308088] __x64_sys_listen+0x4c/0x90 [ 75.308090] x64_sys_call+0x2517/0x25f0 [ 75.308092] hacer_syscall_64+0x87/0x150 [ 75.308095] entrada_SYSCALL_64_despu\u00e9s_de_hwframe+0x76/0x7e [ 75.308098] -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}: [ 75.308100] __lock_acquire+0x155e/0x25f0 [ 75.308103] lock_acquire+0xc9/0x300 [ 75.308105] lock_sock_nested+0x32/0x90 [ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth] [ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth] [ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth] [ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth] [ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth] [ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth] [ 75.308254] process_one_work+0x212/0x740 [ 75.308256] worker_thread+0x1bd/0x3a0 [ 75.308258] kthread+0xe4/0x120 [ 75.308259] ret_from_fork+0x44/0x70 [ 75.308261] ret_from_fork_asm+0x1a/0x30 [ 75.308263] otra informaci\u00f3n que podr\u00eda ayudarnos a depurar esto: [ 75.308264] Posible escenario de bloqueo inseguro: [ 75.308264] CPU0 CPU1 [ 75.308265] ---- ---- [ 75.308265] lock(&hdev->lock); [ 75.308267] lock(sk_lock- AF_BLUETOOTH-BTPROTO_ISO); [ 75.308268] bloquear(&hdev->bloquear); [ 75.308269] bloquear(sk_lock-AF_BLUETOOTH-BTPROTO_ISO); [ 75.308270] *** BLOQUEO INTERMEDIO *** [ 75.308271] 4 bloqueos mantenidos por kworker/u81:2/2623: [ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0}, en: process_one_work+0x443/0x740 [ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)), en: process_one_work+0x1ce/0x740 [ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3} en: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth] [ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2}, en: hci_connect_cfm+0x29/0x190 [bluetooth]"}], "id": "CVE-2024-54460", "lastModified": "2025-10-01T20:17:24.133", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-01-11T13:15:27.157", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/168e28305b871d8ec604a8f51f35467b8d7ba05b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c541d7b5e17987ed330798b07d4ad508859c1c93"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-667"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:6966", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-570.12.1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:6966", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-570.12.1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}], "bugzilla": {"description": "kernel: Bluetooth: iso: Fix circular lock in iso_listen_bis", "id": "2337117", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337117"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.7", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-667", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nBluetooth: iso: Fix circular lock in iso_listen_bis\nThis fixes the circular locking dependency warning below, by\nreleasing the socket lock before enterning iso_listen_bis, to\navoid any potential deadlock with hdev lock.\n[ 75.307983] ======================================================\n[ 75.307984] WARNING: possible circular locking dependency detected\n[ 75.307985] 6.12.0-rc6+ #22 Not tainted\n[ 75.307987] ------------------------------------------------------\n[ 75.307987] kworker/u81:2/2623 is trying to acquire lock:\n[ 75.307988] ffff8fde1769da58 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO)\nat: iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308021]\nbut task is already holding lock:\n[ 75.308022] ffff8fdd61a10078 (&hdev->lock)\nat: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308053]\nwhich lock already depends on the new lock.\n[ 75.308054]\nthe existing dependency chain (in reverse order) is:\n[ 75.308055]\n-> #1 (&hdev->lock){+.+.}-{3:3}:\n[ 75.308057] __mutex_lock+0xad/0xc50\n[ 75.308061] mutex_lock_nested+0x1b/0x30\n[ 75.308063] iso_sock_listen+0x143/0x5c0 [bluetooth]\n[ 75.308085] __sys_listen_socket+0x49/0x60\n[ 75.308088] __x64_sys_listen+0x4c/0x90\n[ 75.308090] x64_sys_call+0x2517/0x25f0\n[ 75.308092] do_syscall_64+0x87/0x150\n[ 75.308095] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 75.308098]\n-> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_ISO){+.+.}-{0:0}:\n[ 75.308100] __lock_acquire+0x155e/0x25f0\n[ 75.308103] lock_acquire+0xc9/0x300\n[ 75.308105] lock_sock_nested+0x32/0x90\n[ 75.308107] iso_connect_cfm+0x253/0x840 [bluetooth]\n[ 75.308128] hci_connect_cfm+0x6c/0x190 [bluetooth]\n[ 75.308155] hci_le_per_adv_report_evt+0x27b/0x2f0 [bluetooth]\n[ 75.308180] hci_le_meta_evt+0xe7/0x200 [bluetooth]\n[ 75.308206] hci_event_packet+0x21f/0x5c0 [bluetooth]\n[ 75.308230] hci_rx_work+0x3ae/0xb10 [bluetooth]\n[ 75.308254] process_one_work+0x212/0x740\n[ 75.308256] worker_thread+0x1bd/0x3a0\n[ 75.308258] kthread+0xe4/0x120\n[ 75.308259] ret_from_fork+0x44/0x70\n[ 75.308261] ret_from_fork_asm+0x1a/0x30\n[ 75.308263]\nother info that might help us debug this:\n[ 75.308264] Possible unsafe locking scenario:\n[ 75.308264] CPU0 CPU1\n[ 75.308265] ---- ----\n[ 75.308265] lock(&hdev->lock);\n[ 75.308267] lock(sk_lock-\nAF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308268] lock(&hdev->lock);\n[ 75.308269] lock(sk_lock-AF_BLUETOOTH-BTPROTO_ISO);\n[ 75.308270]\n*** DEADLOCK ***\n[ 75.308271] 4 locks held by kworker/u81:2/2623:\n[ 75.308272] #0: ffff8fdd66e52148 ((wq_completion)hci0#2){+.+.}-{0:0},\nat: process_one_work+0x443/0x740\n[ 75.308276] #1: ffffafb488b7fe48 ((work_completion)(&hdev->rx_work)),\nat: process_one_work+0x1ce/0x740\n[ 75.308280] #2: ffff8fdd61a10078 (&hdev->lock){+.+.}-{3:3}\nat: hci_le_per_adv_report_evt+0x47/0x2f0 [bluetooth]\n[ 75.308304] #3: ffffffffb6ba4900 (rcu_read_lock){....}-{1:2},\nat: hci_connect_cfm+0x29/0x190 [bluetooth]"], "name": "CVE-2024-54460", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-01-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-54460\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-54460\nhttps://lore.kernel.org/linux-cve-announce/2025011158-CVE-2024-54460-c8c8@gregkh/T"], "threat_severity": "Moderate"}

{}