CVE-2023-28464

hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:6.1.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc6:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

History

22 Dec 2023, 21:04

Type Values Removed Values Added
References () https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm%40gmail.com/ - () https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm%40gmail.com/ - Mailing List, Patch

09 Nov 2023, 14:44

Type Values Removed Values Added
First Time Netapp h500s Firmware
Netapp h700s Firmware
Netapp h300s Firmware
Netapp h410c Firmware
Netapp h410s Firmware
CPE cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

07 Nov 2023, 04:10

Type Values Removed Values Added
References
  • {'url': 'https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm@gmail.com/', 'name': 'https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm@gmail.com/', 'tags': ['Mailing List', 'Patch'], 'refsource': 'MISC'}
  • () https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm%40gmail.com/ -

11 Aug 2023, 23:28

Type Values Removed Values Added
References (CONFIRM) https://security.netapp.com/advisory/ntap-20230517-0004/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20230517-0004/ - Third Party Advisory
First Time Netapp baseboard Management Controller H410s Firmware
Netapp baseboard Management Controller H300s Firmware
Netapp baseboard Management Controller H410c Firmware
Netapp baseboard Management Controller H500s Firmware
Netapp
Netapp baseboard Management Controller H700s Firmware
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc6:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:-:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.1.25:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2.12:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*

17 May 2023, 20:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20230517-0004/ -

07 Apr 2023, 00:57

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-415
First Time Linux
Linux linux Kernel
References (MISC) https://www.openwall.com/lists/oss-security/2023/03/28/2 - (MISC) https://www.openwall.com/lists/oss-security/2023/03/28/2 - Mailing List, Patch
References (MISC) https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm@gmail.com/ - (MISC) https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm@gmail.com/ - Mailing List, Patch
References (MISC) https://www.openwall.com/lists/oss-security/2023/03/28/3 - (MISC) https://www.openwall.com/lists/oss-security/2023/03/28/3 - Mailing List

31 Mar 2023, 16:23

Type Values Removed Values Added
New CVE

Information

Published : 2023-03-31 16:15

Updated : 2023-12-22 21:04


NVD link : CVE-2023-28464

Mitre link : CVE-2023-28464

CVE.ORG link : CVE-2023-28464


JSON object : View

Products Affected

netapp

  • h700s_firmware
  • h300s_firmware
  • h410s_firmware
  • h500s_firmware
  • h410c_firmware

linux

  • linux_kernel
CWE
CWE-415

Double Free