CVE-2023-31083 : An issue was discovered in drivers/bluetooth/hci

An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.

Published 2023-04-24 06:15:08

Updated 2024-03-25 01:15:54

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory Corruption

Products affected by CVE-2023-31083

Linux » Linux Kernel » Version: 6.2
cpe:2.3:o:linux:linux_kernel:6.2:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-31083

EPSS FAQ

0.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-31083

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.7	MEDIUM	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H	1.0	3.6	NIST
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2023-31083

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Assigned by: nvd@nist.gov (Primary)
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-31083

https://lore.kernel.org/all/CA+UBctC3p49aTgzbVgkSZ2+TQcqq4fPDO7yZitFT5uBPDeCO2g%40mail.gmail.com/

BUG: general protection fault in hci_uart_tty_ioctl - Yu Hao
https://bugzilla.suse.com/show_bug.cgi?id=1210780

1210780 – (CVE-2023-31083) VUL-0: CVE-2023-31083: kernel: drivers/bluetooth/hci_ldisc.c race condition in hci_uart_tty_ioctl
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9c33663af9ad115f90c076a1828129a3fbadea98

Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO - kernel/git/torvalds/linux.git - Linux kernel source tree
https://lore.kernel.org/all/CA+UBctC3p49aTgzbVgkSZ2+TQcqq4fPDO7yZitFT5uBPDeCO2g@mail.gmail.com/

Exploit;Mailing List;Vendor Advisory
https://security.netapp.com/advisory/ntap-20230929-0003/

April 2023 Linux Kernel 6.2 Vulnerabilities in NetApp Products | NetApp Product Security

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-31083

Products affected by CVE-2023-31083

Exploit prediction scoring system (EPSS) score for CVE-2023-31083

CVSS scores for CVE-2023-31083

CWE ids for CVE-2023-31083

References for CVE-2023-31083