← Back

CVE-2023-28464

nvd nist
Published: Mar 31, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.

Affected (14)

Linux
1 product
Linux Kernel
Netapp
5 products
H300s Firmware
H410c Firmware
H410s Firmware
H500s Firmware
H700s Firmware
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Version 6.1.25
Linux Kernel
Version 6.2.12
Linux Kernel
Version 6.3
Linux Kernel
Version 6.3 rc1
Linux Kernel
Version 6.3 rc2
Linux Kernel
Version 6.3 rc3
Linux Kernel
Version 6.3 rc4
Linux Kernel
Version 6.3 rc5
Linux Kernel
Version 6.3 rc6
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
H300s Firmware
All versions
H410c Firmware
All versions
H410s Firmware
All versions
H500s Firmware
All versions
H700s Firmware
All versions

Related CWEs

CWE-415
Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (8)

Source: cve@mitre.org
Mailing ListPatch
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Mailing ListPatch
Source: cve@mitre.org
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List

Timeline

No history available yet.