5.5

CVE-2022-48971

Bluetooth: Fix not cleanup led when bt_init fails

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Fix not cleanup led when bt_init fails

bt_init() calls bt_leds_init() to register led, but if it fails later,
bt_leds_cleanup() is not called to unregister it.

This can cause panic if the argument "bluetooth-power" in text is freed
and then another led_trigger_register() tries to access it:

BUG: unable to handle page fault for address: ffffffffc06d3bc0
RIP: 0010:strcmp+0xc/0x30
  Call Trace:
    <TASK>
    led_trigger_register+0x10d/0x4f0
    led_trigger_register_simple+0x7d/0x100
    bt_init+0x39/0xf7 [bluetooth]
    do_one_initcall+0xd0/0x4e0
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.9 < 4.19.269
LinuxLinux Kernel Version >= 4.20 < 5.4.227
LinuxLinux Kernel Version >= 5.5 < 5.10.159
LinuxLinux Kernel Version >= 5.11 < 5.15.83
LinuxLinux Kernel Version >= 5.16 < 6.0.13
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
LinuxLinux Kernel Version6.1 Updaterc4
LinuxLinux Kernel Version6.1 Updaterc5
LinuxLinux Kernel Version6.1 Updaterc6
LinuxLinux Kernel Version6.1 Updaterc7
LinuxLinux Kernel Version6.1 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.142
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/2c6cf0afc3856359e620e96edd952457d258e16c
Patch
https://git.kernel.org/stable/c/2f3957c7eb4e07df944169a3e50a4d6790e1c744
Patch
https://git.kernel.org/stable/c/5ecf7cd6fde5e72c87122084cf00d63e35d8dd9f
Patch
https://git.kernel.org/stable/c/8a66c3a94285552f6a8e45d73b34ebbad11d388b
Patch
https://git.kernel.org/stable/c/e7b950458156d410509a08c41930b75e72985938
Patch
https://git.kernel.org/stable/c/edf7284a98296369dd0891a0457eec37df244873
Patch