3 matches found
DEBIAN-CVE-2022-50374
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer dereference at hciuartttyclose 1, for rcusyncenter is called without rcusyncinit due to hciuartttyopen ignoring percpuinitrwsem failure...
SUSE CVE-2023-31083
An issue was discovered in drivers/bluetooth/hcildisc.c in the Linux kernel 6.2. In hciuartttyioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCIUARTPROTOSET is set before hu-proto is set. A NULL pointer dereference may occur...
kernel: missing tty ops write function presence check in hci_uart_tty_open()
The hciuartttyopen function in the HCI UART driver drivers/bluetooth/hcildisc.c in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service NULL pointer dereference via vectors related to the...