CVE-2023-53297
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | f2d38e77aa5f3effc143e7dd24da8acf02925958 < 5f352a56f0e607e6ff539cbf12156bfd8af232be | affected |
| Linux | Linux | 1351551aa9058e07a20a27a158270cf84fcde621 < 6a27762340ad08643de3bc17fe1646ea489ca2e2 | affected |
| Linux | Linux | c02421992505c95c7f3c9ad59ee35e22eac60988 < 2112c4c47d36bc5aba3ddeb9afedce6ae6a67e7d | affected |
| Linux | Linux | d9ba36c22a7bb09d6bac4cc2f243eff05da53f43 < 55410a9144c76ecda126e6cdec556dfcd8f343b2 | affected |
| Linux | Linux | ac6725a634f7e8c0330610a8527f20c730b61115 < 116b9c002c894097adc2b8684db2d1da4229ed46 | affected |
| Linux | Linux | 348d446762e7c70778df8bafbdf3fa0df2123f58 < fd269a0435f8e9943b7a57c5a59688848d42d449 | affected |
| Linux | Linux | a2a9339e1c9deb7e1e079e12e27a0265aea8421a < 5134556c9be582793f30695c09d18a26fe1ff2d7 | affected |
| Linux | Linux | a2a9339e1c9deb7e1e079e12e27a0265aea8421a < 25e97f7b1866e6b8503be349eeea44bb52d661ce | affected |
| Linux | Linux | d82a439c3cfdb28aa7e82e2e849c5c4dd9fca284 | affected |
| Linux | Linux | 4.14.313 < 4.14.316 | affected |
| Linux | Linux | 4.19.281 < 4.19.284 | affected |
| Linux | Linux | 5.4.241 < 5.4.244 | affected |
| Linux | Linux | 5.10.178 < 5.10.181 | affected |
| Linux | Linux | 5.15.108 < 5.15.113 | affected |
| Linux | Linux | 6.1.25 < 6.1.30 | affected |
| Linux | Linux | 6.2.12 < 6.3 | affected |
| Linux | Linux | 6.3 | affected |
| Linux | Linux | 0 < 6.3 | unaffected |
| Linux | Linux | 4.14.316 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.284 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.244 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.181 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.113 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.30 <= 6.1.* | unaffected |
| Linux | Linux | 6.3.4 <= 6.3.* | unaffected |
| Linux | Linux | 6.4 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/5f352a56f0e607e6ff539cbf12156bfd8af232be
- https://git.kernel.org/stable/c/6a27762340ad08643de3bc17fe1646ea489ca2e2
- https://git.kernel.org/stable/c/2112c4c47d36bc5aba3ddeb9afedce6ae6a67e7d
- https://git.kernel.org/stable/c/55410a9144c76ecda126e6cdec556dfcd8f343b2
- https://git.kernel.org/stable/c/116b9c002c894097adc2b8684db2d1da4229ed46
- https://git.kernel.org/stable/c/fd269a0435f8e9943b7a57c5a59688848d42d449
- https://git.kernel.org/stable/c/5134556c9be582793f30695c09d18a26fe1ff2d7
- https://git.kernel.org/stable/c/25e97f7b1866e6b8503be349eeea44bb52d661ce
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.