Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-31083

Опубликовано: 17 апр. 2023
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.

A NULL pointer dereference flaw was found in the Linux kernel’s Bluetooth HCI UART driver. This flaw allows a local user to crash the system.

Меры по смягчению последствий

To mitigate this issue, prevent module hci_uart from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2024:295022.05.2024
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:313822.05.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:239430.04.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:239430.04.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2213132kernel: race condition between HCIUARTSETPROTO and HCIUARTGETPROTO in hci_uart_tty_ioctl

EPSS

Процентиль: 0%
0.00006
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-31083

CVSS3: 4.7
ubuntu
около 2 лет назад

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.

nvd логотип

CVE-2023-31083

CVSS3: 4.7
nvd
около 2 лет назад

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.

debian логотип

CVE-2023-31083

CVSS3: 4.7
debian
около 2 лет назад

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux ...

github логотип

GHSA-cv34-v4cf-53pq

CVSS3: 4.7
github
около 2 лет назад

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.

fstec логотип

BDU:2023-02519

CVSS3: 4.7
fstec
около 2 лет назад

Уязвимость драйвере Bluetooth ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 0%
0.00006
Низкий

4.7 Medium

CVSS3