CVE-2023-53018

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_conn: Fix memory leaks

When hci_cmd_sync_queue() failed in hci_le_terminate_big() or hci_le_big_terminate(), the memory pointed by variable d is not freed, which will cause memory leak. Add release process to error path.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxeca0ae4aea66914515e5e3098ea051b518ee5316 < f51a825b9f730a782aa768454906b4468e67b667affected
LinuxLinuxeca0ae4aea66914515e5e3098ea051b518ee5316 < 3aa21311f36d8a2730c7ccef37235e951f23927baffected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.9 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References