CVE-2024-50078

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> Bluetooth: Call iso_exit() on module unload<br /> <br /> If iso_init() has been called, iso_exit() must be called on module<br /> unload. Without that, the struct proto that iso_init() registered with<br /> proto_register() becomes invalid, which could cause unpredictable<br /> problems later. In my case, with CONFIG_LIST_HARDENED and<br /> CONFIG_BUG_ON_DATA_CORRUPTION enabled, loading the module again usually<br /> triggers this BUG():<br /> <br /> list_add corruption. next-&gt;prev should be prev (ffffffffb5355fd0),<br /> but was 0000000000000068. (next=ffffffffc0a010d0).<br /> ------------[ cut here ]------------<br /> kernel BUG at lib/list_debug.c:29!<br /> Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI<br /> CPU: 1 PID: 4159 Comm: modprobe Not tainted 6.10.11-4+bt2-ao-desktop #1<br /> RIP: 0010:__list_add_valid_or_report+0x61/0xa0<br /> ...<br /> __list_add_valid_or_report+0x61/0xa0<br /> proto_register+0x299/0x320<br /> hci_sock_init+0x16/0xc0 [bluetooth]<br /> bt_init+0x68/0xd0 [bluetooth]<br /> __pfx_bt_init+0x10/0x10 [bluetooth]<br /> do_one_initcall+0x80/0x2f0<br /> do_init_module+0x8b/0x230<br /> __do_sys_init_module+0x15f/0x190<br /> do_syscall_64+0x68/0x110<br /> ...