Linux · Linux Kernel · CVE-2023-40283
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 6.4.10
**Description**
The issue is in the `l2cap_sock_release` function in the Linux kernel, in the file `net/bluetooth/l2cap_sock.c`. It is a use-after-free that occurs because the children of an `sk` are mishandled. This could potentially allow an attacker to cause a denial of service or have other impacts.
**Recommendations**
For Linux kernel versions prior to 6.4.10, update to version 6.4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the `l2cap_sock_release` function in `net/bluetooth/l2cap_sock.c` until a patch is available.