[SRU OEM-5.14, HWE-5.17 0/1] CVE-2022-20566
Cengiz Can
cengiz.can at canonical.com
Wed Feb 1 22:23:23 UTC 2023
[Impact]
In l2cap_chan_put of l2cap_core, there is a possible use after free due to
improper locking. This could lead to local escalation of privilege with no
additional execution privileges needed. User interaction is not needed for
exploitation.

[Fix]
Clean cherry pick from upstream.

[Test case]
Compile, boot and basic functionality tested with l2test.

[Potential regression]
Low. Adds a function to help with null check.

Luiz Augusto von Dentz (1):
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
include/net/bluetooth/l2cap.h | 1 +
net/bluetooth/l2cap_core.c | 61 +++++++++++++++++++++++++++--------
2 files changed, 49 insertions(+), 13 deletions(-)
--
2.37.2