Описание
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the bt_sock_recvmsg() and bt_sock_ioctl() functions could lead to a use-after-free on a socket buffer ("skb"). This flaw allows a local user to cause a denial of service condition or potential code execution.
Отчет
This flaw has been rated as having a Moderate impact because it is believed to be difficult to exploit and it is not clear whether or not it could be used to achieve local privilege escalation.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2024:2950 | 22.05.2024 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2024:3138 | 22.05.2024 |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | kernel | Fixed | RHSA-2024:3859 | 12.06.2024 |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | kernel | Fixed | RHSA-2024:3859 | 12.06.2024 |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | kernel | Fixed | RHSA-2024:3859 | 12.06.2024 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | kernel | Fixed | RHSA-2024:10941 | 11.12.2024 |
Показывать по
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.
bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel th ...
Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)
7 High
CVSS3