CVE-2025-68304
Bluetooth: hci_core: lookup hci_conn on RX path on protocol side
References
Notes
carnil> Introduced in 5af1f84ed13a ("Bluetooth: hci_sync: Fix UAF on
carnil> hci_abort_conn_sync"). Vulnerable versions: 6.1.149 6.4.16 6.5.3 6.6.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.18) [79a2d4678ba90bdba577dc3af88cc900d6dcd5ee]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
released (6.17.11) [ec74cdf77310c43b01b83ee898a9bd4b4b0b8e93]
|
| 6.12-upstream-stable |
needed
|
| 6.6-upstream-stable |
needed
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
N/A "Vulnerable code not present"
|
| sid |
released (6.17.11-1)
|
| 6.12-trixie-security |
needed
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
N/A "Vulnerable code not present"
|
