7.8

CVE-2023-53145

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition

In btsdio_probe, the data->work is bound with btsdio_work. It will be
started in btsdio_send_frame.

If the btsdio_remove runs with a unfinished work, there may be a race
condition that hdev is freed but used in btsdio_work. Fix it by
canceling the work before do cleanup in btsdio_remove.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.326
LinuxLinux Kernel Version >= 4.15 < 4.19.295
LinuxLinux Kernel Version >= 4.20 < 5.4.257
LinuxLinux Kernel Version >= 5.5 < 5.10.195
LinuxLinux Kernel Version >= 5.11 < 5.15.131
LinuxLinux Kernel Version >= 5.16 < 6.1.52
LinuxLinux Kernel Version >= 6.2 < 6.3
LinuxLinux Kernel Version6.3 Updaterc1
LinuxLinux Kernel Version6.3 Updaterc2
LinuxLinux Kernel Version6.3 Updaterc3
LinuxLinux Kernel Version6.3 Updaterc4
LinuxLinux Kernel Version6.3 Updaterc5
LinuxLinux Kernel Version6.3 Updaterc6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.01% 0.019
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.