CVE-2023-1989

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

History

11 Jan 2024, 19:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html -

22 Dec 2023, 20:55

Type Values Removed Values Added
References (DEBIAN) https://www.debian.org/security/2023/dsa-5492 - (DEBIAN) https://www.debian.org/security/2023/dsa-5492 - Third Party Advisory
CPE cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

09 Nov 2023, 13:57

Type Values Removed Values Added
First Time Netapp h410s
Netapp h700s
Netapp h410c
Netapp h500s
Netapp h300s
CPE cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

10 Sep 2023, 12:15

Type Values Removed Values Added
References
  • (DEBIAN) https://www.debian.org/security/2023/dsa-5492 -

18 Aug 2023, 18:40

Type Values Removed Values Added
References (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html - (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html - Mailing List, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20230601-0004/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20230601-0004/ - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html - (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html - Mailing List, Third Party Advisory
CPE cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
First Time Debian
Netapp baseboard Management Controller H700s
Netapp baseboard Management Controller H410s
Netapp
Netapp baseboard Management Controller H500s
Netapp baseboard Management Controller H410c
Netapp baseboard Management Controller H300s
Debian debian Linux

01 Jun 2023, 14:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20230601-0004/ -

Information

Published : 2023-04-11 21:15

Updated : 2024-08-26 13:35


NVD link : CVE-2023-1989

Mitre link : CVE-2023-1989

CVE.ORG link : CVE-2023-1989


JSON object : View

Products Affected

netapp

  • h700s
  • h300s
  • h500s
  • h410c
  • h410s

linux

  • linux_kernel

debian

  • debian_linux
CWE
CWE-416

Use After Free