A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
References
Link | Resource |
---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088 | Mailing List Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html | |
https://security.netapp.com/advisory/ntap-20230601-0004/ | Third Party Advisory |
https://www.debian.org/security/2023/dsa-5492 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
11 Jan 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Dec 2023, 20:55
Type | Values Removed | Values Added |
---|---|---|
References | (DEBIAN) https://www.debian.org/security/2023/dsa-5492 - Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* |
09 Nov 2023, 13:57
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp h410s
Netapp h700s Netapp h410c Netapp h500s Netapp h300s |
|
CPE | cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:* |
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* |
10 Sep 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Aug 2023, 18:40
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230601-0004/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:* |
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:* |
First Time |
Debian
Netapp baseboard Management Controller H700s Netapp baseboard Management Controller H410s Netapp Netapp baseboard Management Controller H500s Netapp baseboard Management Controller H410c Netapp baseboard Management Controller H300s Debian debian Linux |
01 Jun 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-04-11 21:15
Updated : 2024-08-26 13:35
NVD link : CVE-2023-1989
Mitre link : CVE-2023-1989
CVE.ORG link : CVE-2023-1989
JSON object : View
Products Affected
netapp
- h700s
- h300s
- h500s
- h410c
- h410s
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-416
Use After Free