CVE-2023-31083

Name of the Vulnerable Software and Affected Versions Linux kernel version 6.2

Description The issue is related to a race condition in the hci uart tty ioctl() function between HCIUARTSETPROTO and HCIUARTGETPROTO commands in the drivers/bluetooth/hci ldisc.c module. This can lead to a NULL pointer dereference, potentially causing a denial of service. The hci uart tty ioctl() function is vulnerable due to the concurrent access to resources, and the HCI UART PROTO SET is set before hu->proto is set.

Recommendations For Linux kernel version 6.2, as a temporary workaround, consider disabling the hci uart tty ioctl() function until a patch is available. Restrict access to the vulnerable module drivers/bluetooth/hci ldisc.c to minimize the risk of exploitation. Avoid using the HCIUARTSETPROTO and HCIUARTGETPROTO commands in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.