{"uuid": "b69641f2-b11a-47ae-9823-47fa0225b578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47709", "type": "seen", "source": "https://t.me/cvedetector/8471", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47709 - Qualcomm BCM Process Support Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47709 \nPublished : Oct. 21, 2024, 12:15 p.m. | 41\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ncan: bcm: Clear bo->bcm_proc_read after remove_proc_entry().  \n  \nsyzbot reported a warning in bcm_release(). [0]  \n  \nThe blamed change fixed another warning that is triggered when  \nconnect() is issued again for a socket whose connect()ed device has  \nbeen unregistered.  \n  \nHowever, if the socket is just close()d without the 2nd connect(), the  \nremaining bo->bcm_proc_read triggers unnecessary remove_proc_entry()  \nin bcm_release().  \n  \nLet's clear bo->bcm_proc_read after remove_proc_entry() in bcm_notify().  \n  \n[0]  \nname '4986'  \nWARNING: CPU: 0 PID: 5234 at fs/proc/generic.c:711 remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711  \nModules linked in:  \nCPU: 0 UID: 0 PID: 5234 Comm: syz-executor606 Not tainted 6.11.0-rc5-syzkaller-00178-g5517ae241919 #0  \nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024  \nRIP: 0010:remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711  \nCode: ff eb 05 e8 cb 1e 5e ff 48 8b 5c 24 10 48 c7 c7 e0 f7 aa 8e e8 2a 38 8e 09 90 48 c7 c7 60 3a 1b 8c 48 89 de e8 da 42 20 ff 90 <0f0b 90 90 48 8b 44 24 18 48 c7 44 24 40 0e 36 e0 45 49 c7 04 07  \nRSP: 0018:ffffc9000345fa20 EFLAGS: 00010246  \nRAX: 2a2d0aee2eb64600 RBX: ffff888032f1f548 RCX: ffff888029431e00  \nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000  \nRBP: ffffc9000345fb08 R08: ffffffff8155b2f2 R09: 1ffff1101710519a  \nR10: dffffc0000000000 R11: ffffed101710519b R12: ffff888011d38640  \nR13: 0000000000000004 R14: 0000000000000000 R15: dffffc0000000000  \nFS:  0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000  \nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \nCR2: 00007fcfb52722f0 CR3: 000000000e734000 CR4: 00000000003506f0  \nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  \nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  \nCall Trace:  \n   \n bcm_release+0x250/0x880 net/can/bcm.c:1578  \n __sock_release net/socket.c:659 [inline]  \n sock_close+0xbc/0x240 net/socket.c:1421  \n __fput+0x24a/0x8a0 fs/file_table.c:422  \n task_work_run+0x24f/0x310 kernel/task_work.c:228  \n exit_task_work include/linux/task_work.h:40 [inline]  \n do_exit+0xa2f/0x27f0 kernel/exit.c:882  \n do_group_exit+0x207/0x2c0 kernel/exit.c:1031  \n __do_sys_exit_group kernel/exit.c:1042 [inline]  \n __se_sys_exit_group kernel/exit.c:1040 [inline]  \n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040  \n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232  \n do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83  \n entry_SYSCALL_64_after_hwframe+0x77/0x7f  \nRIP: 0033:0x7fcfb51ee969  \nCode: Unable to access opcode bytes at 0x7fcfb51ee93f.  \nRSP: 002b:00007ffce0109ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7  \nRAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcfb51ee969  \nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001  \nRBP: 00007fcfb526f3b0 R08: ffffffffffffffb8 R09: 0000555500000000  \nR10: 0000555500000000 R11: 0000000000000246 R12: 00007fcfb526f3b0  \nR13: 0000000000000000 R14: 00007fcfb5271ee0 R15: 00007fcfb51bf160 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T15:09:59.000000Z"}