{
  "public_date" : "2025-01-15T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: Bluetooth: hci_core: Fix sleeping function called from invalid context",
    "id" : "2338195",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2338195"
  },
  "cwe" : "CWE-662",
  "details" : [ "[REJECTED CVE] A vulnerability was identified in the Linux kernel's Bluetooth: hci_core package, where a sleeping function (mutex_lock) was improperly invoked from an invalid context within the HCI event handling workqueue, potentially leading to kernel warnings or deadlocks. An attacker exploiting this flaw could trigger crafted Bluetooth events or malformed packets to indirectly cause system instability or denial of service through workqueue execution paths." ],
  "statement" : "This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2025032814-REJECTED-03ca@gregkh/",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-57894\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-57894\nhttps://lore.kernel.org/linux-cve-announce/2025011513-CVE-2024-57894-fbfe@gregkh/T" ],
  "name" : "CVE-2024-57894",
  "csaw" : false
}