ACK: [SRU OEM-5.17,OEM-6.0 0/1] CVE-2023-2002

Tim Gardner tim.gardner at canonical.com
Fri Aug 4 13:09:00 UTC 2023


On 8/4/23 5:08 AM, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
>   Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did
>   not properly perform permissions checks when handling HCI sockets. A
>   physically proximate attacker could use this to cause a denial of service
>   (bluetooth communication).
> 
> [Potential regression]
> Bluetooth users may be affected.
> 
> Ruihan Li (1):
>    bluetooth: Perform careful capability checks in hci_sock_ioctl()
> 
>   net/bluetooth/hci_sock.c | 9 ++++++++-
>   1 file changed, 8 insertions(+), 1 deletion(-)
> 
Acked-by: Tim Gardner <tim.gardner at canonical.com>
-- 
-----------
Tim Gardner
Canonical, Inc



