CVE-2023-1989

Published: Apr 11, 2023Modified: Nov 21, 2024

7.0

Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.0 / Impact: 5.9

Source: NVD

Description

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

Affected (14)

Products: Linux: Linux Kernel · Netapp: H300s, H410c, H410s, H500s, H700s · Debian: Debian Linux

1 product

5 products

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 2.6.24 to 4.14.312
Linux Linux Kernel	From 4.15 to 4.19.280
Linux Linux Kernel	From 4.20 to 5.4.240
Linux Linux Kernel	From 5.11 to 5.15.105
Linux Linux Kernel	From 5.16 to 6.1.22
Linux Linux Kernel	From 5.5 to 5.10.177
Linux Linux Kernel	From 6.2 to 6.2.9

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Netapp H300s	All versions
Netapp H410c	All versions
Netapp H410s	All versions
Netapp H500s	All versions
Netapp H700s	All versions

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 12.0

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (12)

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088

Source: secalert@redhat.com

Mailing ListPatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

Source: secalert@redhat.com

https://security.netapp.com/advisory/ntap-20230601-0004/

Source: secalert@redhat.com

Third Party Advisory

https://www.debian.org/security/2023/dsa-5492

Source: secalert@redhat.com

Third Party Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.netapp.com/advisory/ntap-20230601-0004/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.debian.org/security/2023/dsa-5492

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.