CVE-2024-42141

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> Bluetooth: ISO: Check socket flag instead of hcon<br /> <br /> This fixes the following Smatch static checker warning:<br /> <br /> net/bluetooth/iso.c:1364 iso_sock_recvmsg()<br /> error: we previously assumed &amp;#39;pi-&gt;conn-&gt;hcon&amp;#39; could be null (line 1359)<br /> <br /> net/bluetooth/iso.c<br /> 1347 static int iso_sock_recvmsg(struct socket *sock, struct msghdr *msg,<br /> 1348 size_t len, int flags)<br /> 1349 {<br /> 1350 struct sock *sk = sock-&gt;sk;<br /> 1351 struct iso_pinfo *pi = iso_pi(sk);<br /> 1352<br /> 1353 BT_DBG("sk %p", sk);<br /> 1354<br /> 1355 if (test_and_clear_bit(BT_SK_DEFER_SETUP,<br /> &amp;bt_sk(sk)-&gt;flags)) {<br /> 1356 lock_sock(sk);<br /> 1357 switch (sk-&gt;sk_state) {<br /> 1358 case BT_CONNECT2:<br /> 1359 if (pi-&gt;conn-&gt;hcon &amp;&amp;<br /> ^^^^^^^^^^^^^^ If -&gt;hcon is NULL<br /> <br /> 1360 test_bit(HCI_CONN_PA_SYNC,<br /> &amp;pi-&gt;conn-&gt;hcon-&gt;flags)) {<br /> 1361 iso_conn_big_sync(sk);<br /> 1362 sk-&gt;sk_state = BT_LISTEN;<br /> 1363 } else {<br /> --&gt; 1364 iso_conn_defer_accept(pi-&gt;conn-&gt;hcon);<br /> ^^^^^^^^^^^^^^<br /> then we&amp;#39;re toast<br /> <br /> 1365 sk-&gt;sk_state = BT_CONFIG;<br /> 1366 }<br /> 1367 release_sock(sk);<br /> 1368 return 0;<br /> 1369 case BT_CONNECTED:<br /> 1370 if (test_bit(BT_SK_PA_SYNC,