CVE-2023-1989

CVSS v3.1 7 (High)

EPSS 0.04 % (15^th)

Affected Products 7

Advisories 54

NVD Status Modified

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
NVD Status: Modified
CNA: Red Hat, Inc.
Published Date: 2023-04-11 21:15:15
(17 months ago)
Updated Date: 2024-08-26 13:35:00
(3 weeks ago)

Affected Products

Debian

Debian Linux

Linux

Linux Kernel

Netapp

Configuration #1

	CPE23	From	Up To
Linux Kernel from 2.6.24 version and prior 4.14.312 version	cpe:2.3:o:linux:linux_kernel	>= 2.6.24	< 4.14.312
Linux Kernel from 4.15 version and prior 4.19.280 version	cpe:2.3:o:linux:linux_kernel	>= 4.15	< 4.19.280
Linux Kernel from 4.20 version and prior 5.4.240 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.4.240
Linux Kernel from 5.5 version and prior 5.10.177 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.177
Linux Kernel from 5.11 version and prior 5.15.105 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.105
Linux Kernel from 5.16 version and prior 6.1.22 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.22
Linux Kernel from 6.2 version and prior 6.2.9 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.2.9

Configuration #2

		CPE23	From	Up To
	Netapp H300s	cpe:2.3:h:netapp:h300s:-
	Netapp H410c	cpe:2.3:h:netapp:h410c:-
	Netapp H410s	cpe:2.3:h:netapp:h410s:-
	Netapp H500s	cpe:2.3:h:netapp:h500s:-
	Netapp H700s	cpe:2.3:h:netapp:h700s:-

Configuration #3

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 12.0	cpe:2.3:o:debian:debian_linux:12.0