The vulnerabilities of the functions hci_uart_register_dev() and hci_uart_set_proto() in the Linux operating system allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

🗓️ 14 Apr 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

Use after free in Bluetooth driver hci_uart_register_dev and hci_uart_set_proto.

Reporter	Title	Published	Views	Family All 287
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	27 Jan 202100:05	–	ibm
Tenable Nessus	AlmaLinux 8 : kernel (ALSA-2020:4431)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : kernel (CESA-2020:4431)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : kernel-alt (RHSA-2020:2854)	9 Oct 202400:00	–	nessus
Tenable Nessus	CentOS 7 : kernel (RHSA-2020:4060)	20 Oct 202000:00	–	nessus
Tenable Nessus	Debian DLA-1930-1 : linux security update	26 Sep 201900:00	–	nessus
Tenable Nessus	Debian DLA-2114-1 : linux-4.9 security update	6 Mar 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1972)	23 Sep 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1186)	11 Mar 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.2.6 : kernel (EulerOS-SA-2021-1056)	11 Jan 202100:00	–	nessus

Vulners

Node

novell suse_linux_enterprise_module_for_open_buildservice_development_toolsMatch15

OR

novell suse_linux_enterprise_module_for_basesystemMatch15

OR

novell suse_linux_enterprise_module_for_development_toolsMatch15

OR

novell suse_linux_enterprise_high_availabilityMatch15

OR

novell suse_linux_enterprise_module_for_legacy_softwareMatch15

OR

novell suse_linux_enterprise_module_for_live_patchingMatch15

OR

novell suse_linux_enterprise_module_for_public_cloudMatch15

OR

novell suse_linux_enterprise_workstation_extensionMatch15

OR

novell opensuse_leapMatch15.0

OR

novell opensuse_leapMatch15.1

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
lists	www.lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
packetstormsecurity	www.packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
cdn	www.cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.5
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.omprussia.ru/bb6323
git	www.git.kernel.org/linus/56897b217a1d0a91c9920cb418d6b3fe922f590a
github	www.github.com/torvalds/linux/commit/56897b217a1d0a91c9920cb418d6b3fe922f590a
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.109
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.32

04 Jun 2024 00:00Current

6.6Medium risk

Vulners AI Score6.6

CVSS 26.9

CVSS 37

EPSS0.00087

linux bluetooth use after free memory after free hci uart register hci uart set proto bluetooth driver