CVE-2024-56604: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56604 is a vulnerability in the Linux kernel's Bluetooth RFCOMM implementation. The issue was discovered in December 2024 and involves a potential use-after-free condition in the rfcommsockalloc() function. The vulnerability affects multiple versions of the Linux kernel up to versions 6.1.120, 6.6.66, and 6.12.5 (NVD).

The vulnerability occurs in the Bluetooth RFCOMM socket allocation process where btsockalloc() attaches an allocated sk object to the provided sock object. If rfcommdlcalloc() fails, the code releases the sk object but leaves a dangling pointer in the sock object, which may lead to a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability could potentially lead to privilege escalation, denial of service, or information leaks in affected Linux systems. The high CVSS score indicates that successful exploitation could result in complete compromise of confidentiality, integrity, and availability of the affected system (NVD).

The vulnerability has been fixed by swapping the calls to btsockalloc() and rfcommdlcalloc() in the affected code. The fix is available in Linux kernel versions after 6.1.120, 6.6.66, and 6.12.5. Users are recommended to upgrade their Linux kernel to the patched versions (Kernel Patch).