Bugzilla – Bug 1219351
VUL-0: DUPLICATE: CVE-2024-21803: kernel: bluetooth: use-after-free vulnerability in af_bluetooth.c
Last modified: 2024-06-13 09:32:57 UTC
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files: https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.c

This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-21803
https://www.cve.org/CVERecord?id=CVE-2024-21803
https://bugzilla.openanolis.cn/show_bug.cgi?id=8081
https://bugzilla.redhat.com/show_bug.cgi?id=2261903
The OpenAnolis Bugzilla report is currently still private. No details about the underlying problem. Furthermore, the NIST CVE description mentions this problem as "Local Execution of Code", but the CVSS vector and score are currently set to LOW.

Base Score: 3.5 LOW
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

Without a direct understanding of the issue, we cannot set a SUSE CVSSv3.1 score right now.
Joey, I guess bluetooth is going to end up on your plate... If we can find out what this is all about :)
Did not see a kernel patch upstream yet.
The CVE entry has one more hidden detail: "title": "Possible UAF in bt_accept_poll in Linux kernel", although there is no obvious UAF to see there. I also emailed the contact address.
I filed a dispute with Mitre, as this seems to be a duplicate: https://patchwork.kernel.org/project/bluetooth/patch/20231209105518.GA408904@v4bel-B760M-AORUS-ELITE-AX/#25630326