[SRU OEM-5.17,OEM-6.0 0/1] CVE-2023-2002
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Aug 4 11:08:17 UTC 2023
[Impact]
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did
not properly perform permissions checks when handling HCI sockets. A
physically proximate attacker could use this to cause a denial of service
(bluetooth communication).
[Potential regression]
Bluetooth users may be affected.
Ruihan Li (1):
  bluetooth: Perform careful capability checks in hci_sock_ioctl()

 net/bluetooth/hci_sock.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
--
2.34.1