Updated: 2024-11-30 01:46:57.875565
Description:
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | LOW | 2.1 |
CVSS Version 3.x | MEDIUM | 5.5 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | kernel | 5.14.0 | 5.5 | MEDIUM | Ignored | 2023-11-08 04:07:54 | ||
AlmaLinux 9.2 FIPS | kernel | 5.14.0 | 5.5 | MEDIUM | Ignored | 2023-11-21 04:12:27 | ||
CentOS 7 ELS | kernel | 3.10.0 | 5.5 | MEDIUM | Not Vulnerable | 2023-11-03 14:07:47 | ||
CentOS 8.4 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Released | CLSA-2022:1651145959 | 2022-04-28 16:00:02 | |
CentOS 8.5 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | 2022-02-21 05:39:40 | ||
Oracle Linux 6 ELS | kernel | 2.6.32 | 5.5 | MEDIUM | Ignored | 2022-12-02 16:06:03 | ||
Ubuntu 16.04 ELS | linux | 4.4.0 | 5.5 | MEDIUM | Released | 2021-12-09 07:57:15 | ||
Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 5.5 | MEDIUM | Released | 2023-04-27 14:05:00 | ||
Ubuntu 18.04 ELS | linux | 4.15.0 | 5.5 | MEDIUM | Ignored | 2023-03-02 04:04:01 |