AZL-26983 CVE-2023-1989 affecting package hyperv-daemons for versions less than 5.15.118.1-1

🗓️ 11 Apr 2023 21:15:15Reported by GoogleType

osv

osv🔗 osv.dev

Use-after-free in btsdio_remove may race and cause UAF on hdev devices; hyperv-daemons <5.15.118.1-1.

Reporter	Title	Published	Views	Family All 478
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel and Apache Axis can affect IBM Storage Protect Plus	31 Jan 202411:50	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Spectrum Copy Data Management	12 Jan 202416:31	–	ibm
ATTACKERKB	CVE-2023-1989	11 Apr 202321:15	–	attackerkb
Tenable Nessus	Alibaba Cloud Linux 3 : 0079: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0079)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0136: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0136)	14 May 202500:00	–	nessus
Tenable Nessus	CentOS 9 : kernel-5.14.0-347.el9	29 Feb 202400:00	–	nessus
Tenable Nessus	Debian dla-3403 : hyperv-daemons - security update	17 May 202300:00	–	nessus
Tenable Nessus	Debian dla-3404 : linux-config-5.10 - security update	17 May 202300:00	–	nessus
Tenable Nessus	Debian dla-3710 : hyperv-daemons - security update	16 Jan 202400:00	–	nessus
Tenable Nessus	Debian DSA-5492-1 : linux - security update	10 Sep 202300:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-1989

21 Apr 2026 04:23Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17

EPSS0.0002

use after free btsdio remove linux kernel bluetooth driver hyperv daemons host device