PT-2023-8126 · Linux+10 · Linux Kernel+10

Publicado

2023-12-15

Atualizado

2024-12-19

CVE-2023-51779

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 6.6.8

Description The issue is related to the bt sock recvmsg() function in the net/bluetooth/af bluetooth.c module of the Linux kernel's Bluetooth driver. It involves a use-after-free condition due to a race condition with bt sock ioctl(). This could allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For Linux kernel versions through 6.6.8, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Race Condition

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-416

Identificadores relacionados

ALSA-2024:2394

ALSA-2024:2950

ALSA-2024:3138

ALT-PU-2024-2275

AZL-35478

BDU:2024-00105

CESA-2024_2950

CESA-2024_3138

CVE-2023-51779

DLA-3841-1

DSA-5593-1

INFSA-2024_2394

INFSA-2024_2950

INFSA-2024_3138

OESA-2024-1083

OESA-2024-1084

OESA-2024-1085

OESA-2024-1086

OESA-2024-1087

OESA-2024-1088

OPENSUSE-SU-2024_0156-1

RHSA-2024:10941

RHSA-2024:2394

RHSA-2024:2950

RHSA-2024:3138

RHSA-2024:3854

RHSA-2024:3855

RHSA-2024:3859

RHSA-2024_2394

RHSA-2024_2950

RHSA-2024_3138

RLSA-2024:2950

RLSA-2024:3138

SUSE-SU-2024:0110-1

SUSE-SU-2024:0112-1

SUSE-SU-2024:0113-1

SUSE-SU-2024:0115-1

SUSE-SU-2024:0117-1

SUSE-SU-2024:0118-1

SUSE-SU-2024:0120-1

SUSE-SU-2024:0129-1

SUSE-SU-2024:0141-1

SUSE-SU-2024:0153-1

SUSE-SU-2024:0154-1

SUSE-SU-2024:0156-1

SUSE-SU-2024:0160-1

SUSE-SU-2024:0986-1

SUSE-SU-2024:0989-1

SUSE-SU-2024:0991-1

SUSE-SU-2024:0995-1

SUSE-SU-2024:1017-1

SUSE-SU-2024:1023-1

SUSE-SU-2024:1025-1

SUSE-SU-2024:1028-1

SUSE-SU-2024:1039-1

SUSE-SU-2024:1040-1

SUSE-SU-2024:1045-1

SUSE-SU-2024:1047-1

SUSE-SU-2024:1053-1

SUSE-SU-2024:1063-1

SUSE-SU-2024:1072-1

SUSE-SU-2024:1097-1

SUSE-SU-2024:1153-1

USN-6606-1

USN-6680-1

USN-6680-2

USN-6680-3

USN-6681-1

USN-6681-2

USN-6681-3

USN-6681-4

USN-6686-1

USN-6686-2

USN-6686-3

USN-6686-4

USN-6686-5

USN-6705-1

USN-6716-1

USN-6739-1

USN-6740-1

Produtos afetados

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2023-8126 · Linux+10 · Linux Kernel+10

CVE-2023-51779

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 534