CVE-2023-28464
Published Mar 31, 2023
Last updated a year ago
Overview
- Description
- hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- CWE-415
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBF27CF3-0CF3-49C5-B2FB-122DE725DFD0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72352E44-DFB4-4C71-81F3-55924B2B7CF3"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21D6F467-B848-453E-B1A4-BEF940E413A6"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3583026A-27EC-4A4C-850A-83F2AF970673"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC271202-7570-4505-89A4-D602D47BFD00"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D413BB6D-4F74-4C7D-9163-47786619EF53"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4D613FB-9976-4989-8C4A-567773373CEA"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"
},
{
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"
},
{
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"
},
{
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"
},
{
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"
}
],
"operator": "OR"
}
]
}
]