[SRU][F/J/L][PATCH 0/1] CVE-2023-31083
Yuxuan Luo
yuxuan.luo at canonical.com
Tue Sep 12 22:02:44 UTC 2023
[Impact]
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux
kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between
HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before
hu->proto is set. A NULL pointer dereference may occur.
[Backport]
It is a clean cherry pick.
[Test]
Smoked tested via calling the `hcitool` command.
[Potential Regression]
Expect very low regression potential.
Lee, Chun-Yi (1):
Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in
HCIUARTGETPROTO
drivers/bluetooth/hci_ldisc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list