{ "threat_severity" : "Moderate", "public_date" : "2024-03-02T00:00:00Z", "bugzilla" : { "description" : "kernel: Bluetooth: hci_codec: Fix leaking content of local_codecs", "id" : "2267799", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2267799" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-402", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nBluetooth: hci_codec: Fix leaking content of local_codecs\nThe following memory leak can be observed when the controller supports\ncodecs which are stored in local_codecs list but the elements are never\nfreed:\nunreferenced object 0xffff88800221d840 (size 32):\ncomm \"kworker/u3:0\", pid 36, jiffies 4294898739 (age 127.060s)\nhex dump (first 32 bytes):\nf8 d3 02 03 80 88 ff ff 80 d8 21 02 80 88 ff ff ..........!.....\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[] __kmalloc+0x47/0x120\n[] hci_codec_list_add.isra.0+0x2d/0x160\n[] hci_read_codec_capabilities+0x183/0x270\n[] hci_read_supported_codecs+0x1bb/0x2d0\n[] hci_read_local_codecs_sync+0x3e/0x60\n[] hci_dev_open_sync+0x943/0x11e0\n[] hci_power_on+0x10d/0x3f0\n[] process_one_work+0x404/0x800\n[] worker_thread+0x374/0x670\n[] kthread+0x188/0x1c0\n[] ret_from_fork+0x2b/0x50\n[] ret_from_fork_asm+0x1a/0x30", "A memory leak flaw was found in the Linux kernel’s Bluetooth functionality. This flaw allows a local user to crash the system." ], "statement" : "This issue is fixed for Red Hat Enterprise Linux 8 starting from version 8.3.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-07-24T00:00:00Z", "advisory" : "RHSA-2024:4823", "cpe" : "cpe:/a:redhat:rhel_eus:9.2", "package" : "kernel-0:5.14.0-284.75.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-07-24T00:00:00Z", "advisory" : "RHSA-2024:4831", "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv", "package" : "kernel-rt-0:5.14.0-284.75.1.rt14.360.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-52518\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52518\nhttps://lore.kernel.org/linux-cve-announce/2024030251-CVE-2023-52518-bcfa@gregkh/T/#u" ], "name" : "CVE-2023-52518", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }