[SRU Focal, Jammy, HWE-5.19, OEM-6.0, Lunar 0/1] CVE-2023-40283
Cengiz Can
cengiz.can at canonical.com
Fri Sep 1 13:43:28 UTC 2023
On 01/09/2023 13:21, Stefan Bader wrote:
> On 28.08.23 17:56, Cengiz Can wrote:
>> [Impact]
>> An issue was discovered in l2cap_sock_release in
>> net/bluetooth/l2cap_sock.c in
>> the Linux kernel before 6.4.10. There is a use-after-free because the
>> children
>> of an sk are mishandled.
>>
>> [Fix]
>> Cherry picked from upstream.
>>
>> [Test case]
>> Compile, boot and l2test tested with dual bluetooth adapters.
>>
>> [Potential regression]
>> Low regression potential.
>>
>> Sungwoo Kim (1):
>> Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
>>
>> net/bluetooth/l2cap_sock.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>
> Is this already in OEM-6.0?
I assume you meant OEM-6.1. It's already in OEM-6.1.
More information about the kernel-team
mailing list