mbox series

[SRU,Xenial,Bionic,0/1] CVE-2023-40283

Message ID 20230828155749.2097498-1-cengiz.can@canonical.com
Headers show
Series CVE-2023-40283 | expand

Message

Cengiz Can Aug. 28, 2023, 3:57 p.m. UTC 
[Impact]
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in
the Linux kernel before 6.4.10. There is a use-after-free because the children
of an sk are mishandled.

[Fix]
Cherry picked from upstream.

[Test case]
Compile, boot and l2test tested with dual bluetooth adapters. 

[Potential regression]
Low regression potential.

Sungwoo Kim (1):
  Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb

 net/bluetooth/l2cap_sock.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Tim Gardner Aug. 28, 2023, 4:43 p.m. UTC | #1 
On 8/28/23 9:57 AM, Cengiz Can wrote:
> [Impact]
> An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in
> the Linux kernel before 6.4.10. There is a use-after-free because the children
> of an sk are mishandled.
> 
> [Fix]
> Cherry picked from upstream.
> 
> [Test case]
> Compile, boot and l2test tested with dual bluetooth adapters.
> 
> [Potential regression]
> Low regression potential.
> 
> Sungwoo Kim (1):
>    Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
> 
>   net/bluetooth/l2cap_sock.c | 2 ++
>   1 file changed, 2 insertions(+)
> 
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Cengiz Can Aug. 28, 2023, 5:11 p.m. UTC | #2 
Sorry my Bionic working dir still thinks `kernel-team` is the target 
mailing list.

NACK'ing this to resubmit to ESM.