Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2023-52830
HistoryMay 21, 2024 - 12:00 a.m.

CVE-2023-52830

2024-05-2100:00:00
ubuntu.com
ubuntu.com
3
linux kernel
bluetooth
vulnerability fix
double free
hci_conn_cleanup
hci_conn_hash_flush
use-after-free
hci_conn_del_sysfs
hci_dev_put
hci_conn_put
refcounting
device_add
cve-2023-52830
cve-2023-28464

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: Fix double free in hci_conn_cleanup
syzbot reports a slab use-after-free in hci_conn_hash_flush [1].
After releasing an object using hci_conn_del_sysfs in the
hci_conn_cleanup function, releasing the same object again
using the hci_dev_put and hci_conn_put functions causes a double free.
Here’s a simplified flow:
hci_conn_del_sysfs:
hci_dev_put
put_device
kobject_put
kref_put
kobject_release
kobject_cleanup
kfree_const
kfree(name)
hci_dev_put:

kfree(name)
hci_conn_put:
put_device

kfree(name)
This patch drop the hci_dev_put and hci_conn_put function
call in hci_conn_cleanup function, because the object is
freed in hci_conn_del_sysfs function.
This patch also fixes the refcounting in hci_conn_add_sysfs() and
hci_conn_del_sysfs() to take into account device_add() failures.
This fixes CVE-2023-28464.

Related

debiancve 2
nvd 2
cve 2
redhatcve 2
cvelist 2
prion 1
cbl_mariner 2
ubuntucve 1
nessus 42
photon 1
openvas 4
ibm 2
osv 4
rocky 2
redhat 4
oraclelinux 2
debiancve
debiancve
CVE-2023-52830
2024-05-21 16:15:20
CVE-2023-28464
2023-03-31 16:15:07
nvd
nvd
CVE-2023-52830
2024-05-21 16:15:20
CVE-2023-28464
2023-03-31 16:15:07
cve
cve
CVE-2023-52830
2024-05-21 16:15:20
CVE-2023-28464
2023-03-31 16:15:07
redhatcve
redhatcve
CVE-2023-52830
2024-05-23 11:12:46
CVE-2023-28464
2023-03-31 15:19:47
cvelist
cvelist
CVE-2023-52830
2024-05-21 15:31:32
CVE-2023-28464
2023-03-31 00:00:00
prion
prion
Double free
2023-03-31 16:15:00
cbl_mariner
cbl_mariner
CVE-2023-28464 affecting package kernel 5.10.185.1-1
2023-08-15 16:37:27
CVE-2023-28464 affecting package kernel for versions less than 5.15.122.1-2
2023-08-10 16:37:57
ubuntucve
ubuntucve
CVE-2023-28464
2023-03-31 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (Live Patch 27 for SLE 12 SP4) (SUSE-SU-2023:2422)
2023-06-08 00:00:00
SUSE SLES12 Security Update : kernel (Live Patch 39 for SLE 12 SP5) (SUSE-SU-2023:2415)
2023-06-08 00:00:00
SUSE SLES12 Security Update : kernel (Live Patch 30 for SLE 12 SP4) (SUSE-SU-2023:2420)
2023-06-08 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0090
2023-09-08 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:1801-1)
2023-04-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2805-1)
2023-07-12 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:2646-1)
2024-03-04 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple kernel vulnerabilities
2024-06-07 15:32:38
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-06-26 16:06:34
osv
osv
Moderate: kernel security, bug fix, and enhancement update
2024-06-14 13:59:16
Moderate: kernel security, bug fix, and enhancement update
2024-05-22 00:00:00
Moderate: kernel-rt security and bug fix update
2024-06-14 13:59:36
rocky
rocky
kernel-rt security and bug fix update
2024-06-14 13:59:36
kernel security, bug fix, and enhancement update
2024-06-14 13:59:16
redhat
redhat
(RHSA-2024:3138) Moderate: kernel security, bug fix, and enhancement update
2024-05-22 06:35:43
(RHSA-2024:2950) Moderate: kernel-rt security and bug fix update
2024-05-22 06:35:10
(RHSA-2024:2394) Important: kernel security, bug fix, and enhancement update
2024-04-30 06:15:35
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2024-05-23 00:00:00
kernel security, bug fix, and enhancement update
2024-05-02 00:00:00

7.4 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON
Related for UB:CVE-2023-52830
debiancve2nvd2cve2redhatcve2cvelist2prion1cbl_mariner2ubuntucve1nessus42photon1openvas4ibm2osv4rocky2redhat4oraclelinux2