APPLIED Re: [SRU OEM-5.17,OEM-6.0 0/1] CVE-2023-2002
Timo Aaltonen
tjaalton at ubuntu.com
Fri Aug 11 09:31:12 UTC 2023
Thadeu Lima de Souza Cascardo kirjoitti 4.8.2023 klo 14.08:
> [Impact]
> Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did
> not properly perform permissions checks when handling HCI sockets. A
> physically proximate attacker could use this to cause a denial of service
> (bluetooth communication).
>
> [Potential regression]
> Bluetooth users may be affected.
>
> Ruihan Li (1):
> bluetooth: Perform careful capability checks in hci_sock_ioctl()
>
> net/bluetooth/hci_sock.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
applied to oem kernels, thanks
--
t
More information about the kernel-team
mailing list