7.8

CVE-2023-53305

Bluetooth: L2CAP: Fix use-after-free

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: Fix use-after-free

Fix potential use-after-free in l2cap_le_command_rej.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.324
LinuxLinux Kernel Version >= 4.15 < 4.19.293
LinuxLinux Kernel Version >= 4.20 < 5.4.255
LinuxLinux Kernel Version >= 5.5 < 5.10.192
LinuxLinux Kernel Version >= 5.11 < 5.15.128
LinuxLinux Kernel Version >= 5.16 < 6.1.47
LinuxLinux Kernel Version >= 6.2 < 6.4.12
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.046
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/e76bab1b7afa580cd76362540fc37551ada4359b
Patch
https://git.kernel.org/stable/c/1a40c56e8bff3e424724d78a9a6b3272dd8a371d
Patch
https://git.kernel.org/stable/c/fe49aa73cca6608714477b74bfc6874b9db979df
Patch
https://git.kernel.org/stable/c/2958cf9f805b9f0bdc4a761bf6ea281eb8d44f8e
Patch
https://git.kernel.org/stable/c/548a6b64b3c0688f01119a6fcccceb41f8c984e4
Patch
https://git.kernel.org/stable/c/149daab45922ab1ac7f0cbeacab7251a46bf5e63
Patch
https://git.kernel.org/stable/c/255be68150291440657b2cdb09420b69441af3d8
Patch
https://git.kernel.org/stable/c/f752a0b334bb95fe9b42ecb511e0864e2768046f
Patch