CVE-2023-2002

Summary

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.

Affected Software

VendorProductVersion RangeStatus
n/aKernelKernel prior to Kernel 6.4-rc1affected

Weaknesses

  • CWE-250: CWE-250

ADP Enrichment

CVE Program Container

Additional References

References