CVE-2023-1989

Updated: 2024-01-11 19:43:23.840228

Description:

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 7 HIGH Released CLSA-2024:1712263970 2024-04-07 09:57:17
AlmaLinux 9.2 FIPS kernel 5.14.0 7 HIGH Released CLSA-2024:1712570434 2024-04-08 10:43:47
CentOS 6 ELS kernel 2.6.32 7 HIGH Released CLSA-2023:1682705952 2023-05-04 17:05:24
CentOS 7 ELS kernel 3.10.0 7 HIGH Ignored 2023-10-27 11:08:58
CentOS 8.4 ELS kernel 4.18.0 7 HIGH Released CLSA-2023:1686585068 2023-06-13 09:05:40
CentOS 8.5 ELS kernel 4.18.0 7 HIGH Released CLSA-2023:1686651204 2023-06-13 09:05:40
CloudLinux 6 ELS kernel 2.6.32 7 HIGH In Testing 2023-06-13 09:05:41
Oracle Linux 6 ELS kernel 2.6.32 7 HIGH Released CLSA-2023:1682711913 2023-04-28 17:05:12
Ubuntu 16.04 ELS linux 4.4.0 7 HIGH Released CLSA-2023:1684277390 2023-05-16 21:14:20
Ubuntu 16.04 ELS linux-hwe 4.15.0 7 HIGH Released CLSA-2023:1689788960 2023-07-19 14:06:27
Total: 11