CVE-2023-54214

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: Fix potential user-after-free

This fixes all instances of which requires to allocate a buffer calling alloc_skb which may release the chan lock and reacquire later which makes it possible that the chan is disconnected in the meantime.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < b2fde8cb2a25125111f2144604e0e7c0ebcc4bbaaffected
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < a6a7d1541fefddf7ca0cfb34c1bff63ff809cc49affected
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < 60aaccf16d1e099c16bebfb96428ae762cb528f7affected
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < b8ed41cc04fb74005aa51d17865ca3d022760335affected
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < 31a288a4df7f6a28e65da22a4ab2add4a963738eaffected
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < 64e28ecf44e46de9f01915a4146706a21c3469d2affected
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < 994e3e18908f5c4a12d07b44018e6aa85f071048affected
LinuxLinuxa6a5568c03c4805d4d250f6bd9d468eeeb4ea059 < df5703348813235874d851934e957c3723d71644affected
LinuxLinux3.5affected
LinuxLinux0 < 3.5unaffected
LinuxLinux4.14.308 <= 4.14.*unaffected
LinuxLinux4.19.276 <= 4.19.*unaffected
LinuxLinux5.4.235 <= 5.4.*unaffected
LinuxLinux5.10.173 <= 5.10.*unaffected
LinuxLinux5.15.99 <= 5.15.*unaffected
LinuxLinux6.1.16 <= 6.1.*unaffected
LinuxLinux6.2.3 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References