CVE-2023-53827

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}

Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to prevent referencing a channel that is about to be destroyed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < f2d38e77aa5f3effc143e7dd24da8acf02925958affected
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < 1351551aa9058e07a20a27a158270cf84fcde621affected
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < c02421992505c95c7f3c9ad59ee35e22eac60988affected
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < d9ba36c22a7bb09d6bac4cc2f243eff05da53f43affected
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < ac6725a634f7e8c0330610a8527f20c730b61115affected
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < 348d446762e7c70778df8bafbdf3fa0df2123f58affected
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < d82a439c3cfdb28aa7e82e2e849c5c4dd9fca284affected
LinuxLinux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 < a2a9339e1c9deb7e1e079e12e27a0265aea8421aaffected
LinuxLinux3.5affected
LinuxLinux0 < 3.5unaffected
LinuxLinux4.14.313 <= 4.14.*unaffected
LinuxLinux4.19.281 <= 4.19.*unaffected
LinuxLinux5.4.241 <= 5.4.*unaffected
LinuxLinux5.10.178 <= 5.10.*unaffected
LinuxLinux5.15.108 <= 5.15.*unaffected
LinuxLinux6.1.25 <= 6.1.*unaffected
LinuxLinux6.2.12 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References