In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_codec: Fix leaking content of local_codecs The following
memory leak can be observed when the controller supports codecs which are
stored in local_codecs list but the elements are never freed: unreferenced
object 0xffff88800221d840 (size 32): comm “kworker/u3:0”, pid 36, jiffies
4294898739 (age 127.060s) hex dump (first 32 bytes): f8 d3 02 03 80 88 ff
ff 80 d8 21 02 80 88 ff ff …!.. 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 … backtrace: [<ffffffffb324f557>]
__kmalloc+0x47/0x120 [<ffffffffb39ef37d>]
hci_codec_list_add.isra.0+0x2d/0x160 [<ffffffffb39ef643>]
hci_read_codec_capabilities+0x183/0x270 [<ffffffffb39ef9ab>]
hci_read_supported_codecs+0x1bb/0x2d0 [<ffffffffb39f162e>]
hci_read_local_codecs_sync+0x3e/0x60 [<ffffffffb39ff1b3>]
hci_dev_open_sync+0x943/0x11e0 [<ffffffffb396d55d>]
hci_power_on+0x10d/0x3f0 [<ffffffffb30c99b4>] process_one_work+0x404/0x800
[<ffffffffb30ca134>] worker_thread+0x374/0x670 [<ffffffffb30d9108>]
kthread+0x188/0x1c0 [<ffffffffb304db6b>] ret_from_fork+0x2b/0x50
[<ffffffffb300206a>] ret_from_fork_asm+0x1a/0x30
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.10 | noarch | linux | < 6.5.0-17.17 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1013.13 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-gcp | < 6.5.0-1013.13 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-gcp-6.5 | < 6.5.0-1013.13~22.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-hwe-6.5 | < 6.5.0-17.17~22.04.1 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-laptop | < 6.5.0-1009.12 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-lowlatency | < 6.5.0-17.17.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-lowlatency-hwe-6.5 | < 6.5.0-17.17.1.1.1~22.04.1 | UNKNOWN |