CVE-2023-1989

HIGH 7.1

CVSS Score

7.1

EPSS Score

0.0%

EPSS Percentile

0th

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

CWE	CWE-416
Vendor	n/a
Product	kernel
Published	Apr 11, 2023
Last Updated	Aug 26, 2024

Stay Ahead of the Next One

Get instant alerts for n/a kernel

Be the first to know when new high vulnerabilities affecting n/a kernel are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / Kernel

Linux kernel version prior to Kernel 6.3 RC4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=f132c2d13088 lists.debian.org: https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html security.netapp.com: https://security.netapp.com/advisory/ntap-20230601-0004/ debian.org: https://www.debian.org/security/2023/dsa-5492 lists.debian.org: https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html