Security tracker / CVE-2023-53762

CVE-2023-53762

Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in 182ee45da083 ("Bluetooth: hci_sync: Rework
 carnil> hci_suspend_notifier"). Vulnerable versions: 5.17-rc1.

Bugs

Status

Branch	Status
upstream	released (6.6-rc1) [94d9ba9f9888b748d4abd2aa1547af56ae85f772]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.6-upstream-stable	N/A "Fixed before branching point"
6.1-upstream-stable	needed
5.10-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.5.3-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	needed
5.10-bullseye-security	N/A "Vulnerable code not present"