CVE-2023-1989

Updated: 2024-11-30 04:16:59.30464

Description:

A use-after-free flaw was found in btsdio_remove in drivers/bluetooth/btsdio.c in the Linux kernel. A call to btsdio_remove while a job is still unfinished may cause a race condition leading to a UAF on hdev devices.


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | | 0 |
| CVSS Version 3.x | HIGH | 7 |

Status

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.0 | HIGH | Released | CLSA-2024:1712263970 | 2024-04-07 09:57:17 | |
| AlmaLinux 9.2 FIPS | kernel | 5.14.0 | 7.0 | HIGH | Released | CLSA-2024:1712570434 | 2024-04-08 10:43:47 | |
| CentOS 6 ELS | kernel | 2.6.32 | 7.0 | HIGH | Released | CLSA-2023:1682705952 | 2023-05-04 17:05:24 | |
| CentOS 7 ELS | kernel | 3.10.0 | 7.0 | HIGH | Released | CLSA-2024:1720468480 | 2024-07-23 17:32:25 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.0 | HIGH | Released | CLSA-2023:1686585068 | 2023-06-13 09:05:40 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.0 | HIGH | Released | CLSA-2023:1686651204 | 2023-06-13 09:05:40 | |
| CentOS Stream 8 ELS | kernel | 4.18.0 | 7.0 | HIGH | Already Fixed | | 2024-06-29 10:08:37 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.0 | HIGH | Ignored | | 2024-10-09 04:17:11 | |
| CloudLinux 7 ELS | kernel | 3.10.0 | 7.0 | HIGH | In Progress | | 2024-10-28 23:32:09 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.0 | HIGH | Released | CLSA-2023:1682711913 | 2023-04-28 17:05:12 | |
Total: 13