Updated: 2025-01-14 17:50:59.889724
Description:
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we release the sk object, but leave the dangling pointer in the sock object, which may cause use-after-free. Fix this by swapping calls to bt_sock_alloc() and rfcomm_dlc_alloc().
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | HIGH | 7.8 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Released | CLSA-2025:1738671431 | 2025-02-05 02:17:32 | |
AlmaLinux 9.2 FIPS | kernel | 5.14.0 | 7.8 | HIGH | Released | CLSA-2025:1738670922 | 2025-02-05 02:17:33 | |
CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Needs Triage | 2025-01-14 13:33:47 | ||
CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | In Rollout | CLSA-2025:1738672047 | 2025-02-05 02:17:31 | |
CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Needs Triage | 2025-01-14 13:33:53 | ||
CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Needs Triage | 2025-01-14 13:33:52 | ||
CentOS Stream 8 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2025:1738592614 | 2025-02-04 02:15:04 | |
CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Needs Triage | 2025-01-14 13:33:48 | ||
CloudLinux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Needs Triage | 2025-01-14 13:33:59 | ||
Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Needs Triage | 2025-01-14 13:33:55 |