hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.
                
            References
                    | Link | Resource | 
|---|---|
| https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm%40gmail.com/ | Mailing List Patch | 
| https://security.netapp.com/advisory/ntap-20230517-0004/ | Third Party Advisory | 
| https://www.openwall.com/lists/oss-security/2023/03/28/2 | Mailing List Patch | 
| https://www.openwall.com/lists/oss-security/2023/03/28/3 | Mailing List | 
| https://lore.kernel.org/lkml/20230309074645.74309-1-wzhmmmmm%40gmail.com/ | Mailing List Patch | 
| https://security.netapp.com/advisory/ntap-20230517-0004/ | Third Party Advisory | 
| https://www.openwall.com/lists/oss-security/2023/03/28/2 | Mailing List Patch | 
| https://www.openwall.com/lists/oss-security/2023/03/28/3 | Mailing List | 
Configurations
                    Configuration 1 (hide)
| 
 | 
Configuration 2 (hide)
| 
 | 
History
                    No history.
Information
                Published : 2023-03-31 16:15
Updated : 2024-11-21 07:55
NVD link : CVE-2023-28464
Mitre link : CVE-2023-28464
CVE.ORG link : CVE-2023-28464
JSON object : View
Products Affected
                netapp
- h410s_firmware
- h500s_firmware
- h300s_firmware
- h410c_firmware
- h700s_firmware
linux
- linux_kernel
CWE
                
                    
                        
                        CWE-415
                        
            Double Free
