[SRU Xenial, Bionic 0/1] CVE-2023-40283
Cengiz Can
cengiz.can at canonical.com
Mon Aug 28 15:57:48 UTC 2023
[Impact]
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in
the Linux kernel before 6.4.10. There is a use-after-free because the children
of an sk are mishandled.
[Fix]
Cherry picked from upstream.
[Test case]
Compile, boot and l2test tested with dual bluetooth adapters.
[Potential regression]
Low regression potential.
Sungwoo Kim (1):
Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
net/bluetooth/l2cap_sock.c | 2 ++
1 file changed, 2 insertions(+)
--
2.39.2
More information about the kernel-team
mailing list