UBUNTU-CVE-2023-40283

Description

An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• ubuntu•linux

  all | < 4.4.0-245.279 | < 4.15.0-218.229 | < 5.4.0-163.180 | < 5.15.0-84.93

• ubuntu•linux-allwinner-5.19

  all

• ubuntu•linux-aws

  < 4.4.0-1123.129 | < 4.4.0-1161.176 | < 4.15.0-1161.174 | < 5.4.0-1110.119 | < 5.15.0-1045.50

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.11

  all

• ubuntu•linux-aws-5.13

  all

• ubuntu•linux-aws-5.15

  < 5.15.0-1045.50~20.04.1

• ubuntu•linux-aws-5.19

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.4

  < 5.4.0-1110.119~18.04.1

• ubuntu•linux-aws-5.8

  all

• ubuntu•linux-aws-6.2

  < 6.2.0-1012.12~22.04.1

• ubuntu•linux-aws-fips

  < 4.15.0-2100.106 | all | < 5.4.0-1110.119+fips1

• ubuntu•linux-aws-hwe

  < 4.15.0-1161.174~16.04.1

• ubuntu•linux-azure

  < 4.15.0-1170.185~14.04.1 | < 4.15.0-1170.185~16.04.1 | all | < 5.4.0-1116.123 | < 5.15.0-1047.54

• ubuntu•linux-azure-4.15

  < 4.15.0-1170.185

• ubuntu•linux-azure-5.11

  all

• ubuntu•linux-azure-5.13

  all

• ubuntu•linux-azure-5.15

  < 5.15.0-1047.54~20.04.1

• ubuntu•linux-azure-5.19

  all

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.4

  < 5.4.0-1116.123~18.04.1

• ubuntu•linux-azure-5.8

  all

• ubuntu•linux-azure-6.2

  < 6.2.0-1012.12~22.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all | < 5.15.0-1047.54.1

• ubuntu•linux-azure-fde-5.19

  all

• ubuntu•linux-azure-fips

  < 4.15.0-2079.85 | all | < 5.4.0-1116.123+fips1

• ubuntu•linux-bluefield

  < 5.15.0-1024.26 | < 5.4.0-1071.77 | < 5.15.0-1024.26 | all

• ubuntu•linux-fips

  < 4.4.0-1093.100 | all | < 4.15.0-1116.127 | < 5.4.0-1085.94

• ubuntu•linux-gcp

  < 4.15.0-1155.172~16.04.1 | all | < 5.4.0-1113.122 | < 5.15.0-1042.50

• ubuntu•linux-gcp-4.15

  < 4.15.0-1155.172

• ubuntu•linux-gcp-5.11

  all

• ubuntu•linux-gcp-5.13

  all

• ubuntu•linux-gcp-5.15

  < 5.15.0-1042.50~20.04.1

• ubuntu•linux-gcp-5.19

  all

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.4

  < 5.4.0-1113.122~18.04.1

• ubuntu•linux-gcp-5.8

  all

• ubuntu•linux-gcp-6.2

  < 6.2.0-1014.14~22.04.1

• ubuntu•linux-gcp-fips

  < 4.15.0-2063.68 | all | < 5.4.0-1113.122+fips1

• ubuntu•linux-gke

  all | < 5.15.0-1042.47

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.15

  all

• ubuntu•linux-gke-5.4

  all

• ubuntu•linux-gkeop

  < 5.4.0-1077.81 | < 5.15.0-1028.33

• ubuntu•linux-gkeop-5.15

  < 5.15.0-1028.33~20.04.1

• ubuntu•linux-gkeop-5.4

  all

• ubuntu•linux-hwe

  < 4.15.0-218.229~16.04.1 | all

• ubuntu•linux-hwe-5.11

  all

Showing first 50 affected entries in server-rendered view.

References (19)

• https://ubuntu.com/security/CVE-2023-40283
• https://git.kernel.org/linus/1728137b33c00d5a2b5110ed7aafb42e7c32e4a1
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1728137b33c00d5a2b5110ed7aafb42e7c32e4a1
• https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10
• https://github.com/torvalds/linux/commit/1728137b33c00d5a2b5110ed7aafb42e7c32e4a1
• https://ubuntu.com/security/notices/USN-6343-1
• https://ubuntu.com/security/notices/USN-6383-1
• https://ubuntu.com/security/notices/USN-6385-1
• https://ubuntu.com/security/notices/USN-6386-1
• https://ubuntu.com/security/notices/USN-6387-1
• https://ubuntu.com/security/notices/USN-6388-1
• https://ubuntu.com/security/notices/USN-6396-1
• https://ubuntu.com/security/notices/USN-6387-2
• https://ubuntu.com/security/notices/USN-6386-2
• https://ubuntu.com/security/notices/USN-6386-3
• https://ubuntu.com/security/notices/USN-6396-2
• https://ubuntu.com/security/notices/USN-6396-3
• https://ubuntu.com/security/notices/USN-6466-1
• https://www.cve.org/CVERecord?id=CVE-2023-40283