There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. References: https://github.com/google/security-research/security/advisories/GHSA-pf87-6c9q-jvm4 https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://github.com/torvalds/linux/commit/f937b758a188d6fd328a81367087eddbb2fce50f
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2148401]
This was fixed for Fedora with the 6.0.8 stable kernel updates.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2148 https://access.redhat.com/errata/RHSA-2023:2148
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2458 https://access.redhat.com/errata/RHSA-2023:2458
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Via RHSA-2023:3462 https://access.redhat.com/errata/RHSA-2023:3462
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:3461 https://access.redhat.com/errata/RHSA-2023:3461
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Via RHSA-2023:3517 https://access.redhat.com/errata/RHSA-2023:3517
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4137 https://access.redhat.com/errata/RHSA-2023:4137
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4138 https://access.redhat.com/errata/RHSA-2023:4138
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4230 https://access.redhat.com/errata/RHSA-2023:4230
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4541 https://access.redhat.com/errata/RHSA-2023:4541
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4517 https://access.redhat.com/errata/RHSA-2023:4517
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4531 https://access.redhat.com/errata/RHSA-2023:4531
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:4789 https://access.redhat.com/errata/RHSA-2023:4789
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:4888 https://access.redhat.com/errata/RHSA-2023:4888
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2023:5580 https://access.redhat.com/errata/RHSA-2023:5580
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:5588 https://access.redhat.com/errata/RHSA-2023:5588
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:5589 https://access.redhat.com/errata/RHSA-2023:5589
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Advanced Update Support Via RHSA-2024:0980 https://access.redhat.com/errata/RHSA-2024:0980
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:1249 https://access.redhat.com/errata/RHSA-2024:1249
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:1323 https://access.redhat.com/errata/RHSA-2024:1323
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:1332 https://access.redhat.com/errata/RHSA-2024:1332
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Via RHSA-2024:1746 https://access.redhat.com/errata/RHSA-2024:1746