CVE-2023-51779: Use After Free
First published: Mon Dec 25 2023(Updated: )
A flaw was found in the Bluetooth subsystem of the Linux kernel. A race condition between the bt_sock_recvmsg() and bt_sock_ioctl() functions could lead to a use-after-free on a socket buffer ("skb"). A local user could exploit this vulnerability to cause a denial of service condition or potential code execution. Upstream fix: <a href="https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768">https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768</a>
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ubuntu/linux | <4.15.0-224.236 | 4.15.0-224.236 |
| ubuntu/linux | <5.4.0-173.191 | 5.4.0-173.191 |
| ubuntu/linux | <5.15.0-100.110 | 5.15.0-100.110 |
| ubuntu/linux | <6.5.0-25.25 | 6.5.0-25.25 |
| ubuntu/linux | <6.7~ | 6.7~ |
| ubuntu/linux | <4.4.0-253.287 | 4.4.0-253.287 |
| ubuntu/linux-aws | <4.15.0-1167.180 | 4.15.0-1167.180 |
| ubuntu/linux-aws | <5.4.0-1120.130 | 5.4.0-1120.130 |
| ubuntu/linux-aws | <5.15.0-1056.61 | 5.15.0-1056.61 |
| ubuntu/linux-aws | <6.5.0-1015.15 | 6.5.0-1015.15 |
| ubuntu/linux-aws | <4.4.0-1130.136 | 4.4.0-1130.136 |
| ubuntu/linux-aws | <6.7~ | 6.7~ |
| ubuntu/linux-aws | <4.4.0-1168.183 | 4.4.0-1168.183 |
| ubuntu/linux-aws-5.15 | <5.15.0-1056.61~20.04.1 | 5.15.0-1056.61~20.04.1 |
| ubuntu/linux-aws-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-aws-5.4 | <5.4.0-1120.130~18.04.1 | 5.4.0-1120.130~18.04.1 |
| ubuntu/linux-aws-5.4 | <6.7~ | 6.7~ |
| ubuntu/linux-aws-6.5 | <6.5.0-1015.15~22.04.1 | 6.5.0-1015.15~22.04.1 |
| ubuntu/linux-aws-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-aws-fips | <6.7~ | 6.7~ |
| ubuntu/linux-aws-hwe | <6.7~ | 6.7~ |
| ubuntu/linux-aws-hwe | <4.15.0-1167.180~16.04.1 | 4.15.0-1167.180~16.04.1 |
| ubuntu/linux-azure | <5.4.0-1126.133 | 5.4.0-1126.133 |
| ubuntu/linux-azure | <5.15.0-1058.66 | 5.15.0-1058.66 |
| ubuntu/linux-azure | <6.5.0-1016.16 | 6.5.0-1016.16 |
| ubuntu/linux-azure | <4.15.0-1176.191~14.04.1 | 4.15.0-1176.191~14.04.1 |
| ubuntu/linux-azure | <6.7~ | 6.7~ |
| ubuntu/linux-azure | <4.15.0-1176.191~16.04.1 | 4.15.0-1176.191~16.04.1 |
| ubuntu/linux-azure-4.15 | <4.15.0-1176.191 | 4.15.0-1176.191 |
| ubuntu/linux-azure-4.15 | <6.7~ | 6.7~ |
| ubuntu/linux-azure-5.15 | <5.15.0-1058.66~20.04.2 | 5.15.0-1058.66~20.04.2 |
| ubuntu/linux-azure-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-azure-5.4 | <5.4.0-1126.133~18.04.1 | 5.4.0-1126.133~18.04.1 |
| ubuntu/linux-azure-5.4 | <6.7~ | 6.7~ |
| ubuntu/linux-azure-6.5 | <6.5.0-1016.16~22.04.1 | 6.5.0-1016.16~22.04.1 |
| ubuntu/linux-azure-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-azure-fde | <5.15.0-1058.66.1 | 5.15.0-1058.66.1 |
| ubuntu/linux-azure-fde | <6.7~ | 6.7~ |
| ubuntu/linux-azure-fde-5.15 | <5.15.0-1058.66~20.04.2.1 | 5.15.0-1058.66~20.04.2.1 |
| ubuntu/linux-azure-fde-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-azure-fips | <6.7~ | 6.7~ |
| ubuntu/linux-bluefield | <5.4.0-1080.87 | 5.4.0-1080.87 |
| ubuntu/linux-bluefield | <6.7~ | 6.7~ |
| ubuntu/linux-fips | <6.7~ | 6.7~ |
| ubuntu/linux-gcp | <5.4.0-1124.133 | 5.4.0-1124.133 |
| ubuntu/linux-gcp | <5.15.0-1053.61 | 5.15.0-1053.61 |
| ubuntu/linux-gcp | <6.5.0-1015.15 | 6.5.0-1015.15 |
| ubuntu/linux-gcp | <6.7~ | 6.7~ |
| ubuntu/linux-gcp | <4.15.0-1161.178~16.04.1 | 4.15.0-1161.178~16.04.1 |
| ubuntu/linux-gcp-4.15 | <4.15.0-1161.178 | 4.15.0-1161.178 |
| ubuntu/linux-gcp-4.15 | <6.7~ | 6.7~ |
| ubuntu/linux-gcp-5.15 | <5.15.0-1053.61~20.04.1 | 5.15.0-1053.61~20.04.1 |
| ubuntu/linux-gcp-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-gcp-5.4 | <5.4.0-1124.133~18.04.1 | 5.4.0-1124.133~18.04.1 |
| ubuntu/linux-gcp-5.4 | <6.7~ | 6.7~ |
| ubuntu/linux-gcp-6.5 | <6.5.0-1015.15~22.04.1 | 6.5.0-1015.15~22.04.1 |
| ubuntu/linux-gcp-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-gcp-fips | <6.7~ | 6.7~ |
| ubuntu/linux-gke | <5.15.0-1052.57 | 5.15.0-1052.57 |
| ubuntu/linux-gke | <6.7~ | 6.7~ |
| ubuntu/linux-gkeop | <5.4.0-1087.91 | 5.4.0-1087.91 |
| ubuntu/linux-gkeop | <5.15.0-1038.44 | 5.15.0-1038.44 |
| ubuntu/linux-gkeop | <6.7~ | 6.7~ |
| ubuntu/linux-gkeop-5.15 | <5.15.0-1038.44~20.04.1 | 5.15.0-1038.44~20.04.1 |
| ubuntu/linux-gkeop-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-hwe | <6.7~ | 6.7~ |
| ubuntu/linux-hwe | <4.15.0-224.236~16.04.1 | 4.15.0-224.236~16.04.1 |
| ubuntu/linux-hwe-5.15 | <5.15.0-100.110~20.04.1 | 5.15.0-100.110~20.04.1 |
| ubuntu/linux-hwe-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-hwe-5.4 | <5.4.0-173.191~18.04.1 | 5.4.0-173.191~18.04.1 |
| ubuntu/linux-hwe-5.4 | <6.7~ | 6.7~ |
| ubuntu/linux-hwe-6.5 | <6.5.0-25.25~22.04.1 | 6.5.0-25.25~22.04.1 |
| ubuntu/linux-hwe-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-ibm | <5.4.0-1067.72 | 5.4.0-1067.72 |
| ubuntu/linux-ibm | <5.15.0-1048.51 | 5.15.0-1048.51 |
| ubuntu/linux-ibm | <6.7~ | 6.7~ |
| ubuntu/linux-ibm-5.15 | <5.15.0-1048.51~20.04.1 | 5.15.0-1048.51~20.04.1 |
| ubuntu/linux-ibm-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-ibm-5.4 | <5.4.0-1067.72~18.04.1 | 5.4.0-1067.72~18.04.1 |
| ubuntu/linux-ibm-5.4 | <6.7~ | 6.7~ |
| ubuntu/linux-intel | <6.7~ | 6.7~ |
| ubuntu/linux-intel-iotg | <5.15.0-1050.56 | 5.15.0-1050.56 |
| ubuntu/linux-intel-iotg | <6.7~ | 6.7~ |
| ubuntu/linux-intel-iotg-5.15 | <5.15.0-1050.56~20.04.1 | 5.15.0-1050.56~20.04.1 |
| ubuntu/linux-intel-iotg-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-iot | <5.4.0-1032.33 | 5.4.0-1032.33 |
| ubuntu/linux-iot | <6.7~ | 6.7~ |
| ubuntu/linux-kvm | <4.15.0-1151.156 | 4.15.0-1151.156 |
| ubuntu/linux-kvm | <5.4.0-1108.115 | 5.4.0-1108.115 |
| ubuntu/linux-kvm | <5.15.0-1052.57 | 5.15.0-1052.57 |
| ubuntu/linux-kvm | <6.7~ | 6.7~ |
| ubuntu/linux-kvm | <4.4.0-1131.141 | 4.4.0-1131.141 |
| ubuntu/linux-laptop | <6.5.0-1011.14 | 6.5.0-1011.14 |
| ubuntu/linux-laptop | <6.7~ | 6.7~ |
| ubuntu/linux-lowlatency | <5.15.0-100.110 | 5.15.0-100.110 |
| ubuntu/linux-lowlatency | <6.5.0-25.25.1 | 6.5.0-25.25.1 |
| ubuntu/linux-lowlatency | <6.7~ | 6.7~ |
| ubuntu/linux-lowlatency-hwe-5.15 | <5.15.0-100.110~20.04.1 | 5.15.0-100.110~20.04.1 |
| ubuntu/linux-lowlatency-hwe-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-lowlatency-hwe-6.5 | <6.5.0-25.25.1~22.04.1 | 6.5.0-25.25.1~22.04.1 |
| ubuntu/linux-lowlatency-hwe-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-lts-xenial | <4.4.0-253.287~14.04.1 | 4.4.0-253.287~14.04.1 |
| ubuntu/linux-lts-xenial | <6.7~ | 6.7~ |
| ubuntu/linux-nvidia | <5.15.0-1046.46 | 5.15.0-1046.46 |
| ubuntu/linux-nvidia | <6.7~ | 6.7~ |
| ubuntu/linux-nvidia-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-oem-6.1 | <6.1.0-1029.29 | 6.1.0-1029.29 |
| ubuntu/linux-oem-6.5 | <6.5.0-1016.17 | 6.5.0-1016.17 |
| ubuntu/linux-oem-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-oem-6.8 | <6.7~ | 6.7~ |
| ubuntu/linux-oracle | <4.15.0-1130.141 | 4.15.0-1130.141 |
| ubuntu/linux-oracle | <5.4.0-1119.128 | 5.4.0-1119.128 |
| ubuntu/linux-oracle | <5.15.0-1053.59 | 5.15.0-1053.59 |
| ubuntu/linux-oracle | <6.5.0-1018.18 | 6.5.0-1018.18 |
| ubuntu/linux-oracle | <6.7~ | 6.7~ |
| ubuntu/linux-oracle | <4.15.0-1130.141~16.04.1 | 4.15.0-1130.141~16.04.1 |
| ubuntu/linux-oracle-5.15 | <5.15.0-1053.59~20.04.1 | 5.15.0-1053.59~20.04.1 |
| ubuntu/linux-oracle-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-oracle-5.4 | <5.4.0-1119.128~18.04.1 | 5.4.0-1119.128~18.04.1 |
| ubuntu/linux-oracle-5.4 | <6.7~ | 6.7~ |
| ubuntu/linux-oracle-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-raspi | <5.4.0-1104.116 | 5.4.0-1104.116 |
| ubuntu/linux-raspi | <5.15.0-1048.51 | 5.15.0-1048.51 |
| ubuntu/linux-raspi | <6.5.0-1012.15 | 6.5.0-1012.15 |
| ubuntu/linux-raspi | <6.7.0-1001.1 | 6.7.0-1001.1 |
| ubuntu/linux-raspi | <6.7~ | 6.7~ |
| ubuntu/linux-raspi-5.4 | <5.4.0-1104.116~18.04.1 | 5.4.0-1104.116~18.04.1 |
| ubuntu/linux-raspi-5.4 | <6.7~ | 6.7~ |
| ubuntu/linux-riscv | <6.5.0-25.25.1 | 6.5.0-25.25.1 |
| ubuntu/linux-riscv | <6.7~ | 6.7~ |
| ubuntu/linux-riscv-5.15 | <5.15.0-1051.55~20.04.1 | 5.15.0-1051.55~20.04.1 |
| ubuntu/linux-riscv-5.15 | <6.7~ | 6.7~ |
| ubuntu/linux-riscv-6.5 | <6.5.0-25.25.1~22.04.1 | 6.5.0-25.25.1~22.04.1 |
| ubuntu/linux-riscv-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-starfive | <6.5.0-1009.10 | 6.5.0-1009.10 |
| ubuntu/linux-starfive | <6.7~ | 6.7~ |
| ubuntu/linux-starfive-6.5 | <6.5.0-1009.10~22.04.1 | 6.5.0-1009.10~22.04.1 |
| ubuntu/linux-starfive-6.5 | <6.7~ | 6.7~ |
| ubuntu/linux-xilinx-zynqmp | <5.4.0-1039.43 | 5.4.0-1039.43 |
| ubuntu/linux-xilinx-zynqmp | <6.7~ | 6.7~ |
| redhat/kernel | <6.7 | 6.7 |
| debian/linux | 5.10.218-1 5.10.221-1 6.1.94-1 6.1.99-1 6.9.9-1 6.9.10-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/torvalds/linux/commit/2e07e8348ea454615e268222ae3fc240421be768
- https://launchpad.net/bugs/cve/CVE-2023-51779
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2256823
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2261903
- https://access.redhat.com/errata/RHSA-2024:2394
- https://access.redhat.com/errata/RHSA-2024:2950
- https://access.redhat.com/errata/RHSA-2024:3138
- https://access.redhat.com/errata/RHSA-2024:3854
- https://access.redhat.com/errata/RHSA-2024:3855
- https://access.redhat.com/errata/RHSA-2024:3859
- https://bugzilla.redhat.com/show_bug.cgi?id=2256822
- https://git.kernel.org/linus/2e07e8348ea454615e268222ae3fc240421be768 (6.7-rc7)
- https://ubuntu.com/security/notices/USN-6606-1
- https://ubuntu.com/security/notices/USN-6680-1
- https://ubuntu.com/security/notices/USN-6681-1
- https://ubuntu.com/security/notices/USN-6686-1
- https://ubuntu.com/security/notices/USN-6680-2
- https://ubuntu.com/security/notices/USN-6681-2
- https://ubuntu.com/security/notices/USN-6681-3
- https://ubuntu.com/security/notices/USN-6686-2
- https://ubuntu.com/security/notices/USN-6680-3
- https://ubuntu.com/security/notices/USN-6681-4
- https://ubuntu.com/security/notices/USN-6686-3
- https://ubuntu.com/security/notices/USN-6686-4
- https://ubuntu.com/security/notices/USN-6705-1
- https://ubuntu.com/security/notices/USN-6716-1
- https://ubuntu.com/security/notices/USN-6686-5
- https://www.cve.org/CVERecord?id=CVE-2023-51779
- https://ubuntu.com/security/notices/USN-6739-1
- https://ubuntu.com/security/notices/USN-6740-1
- https://nvd.nist.gov/vuln/detail/CVE-2023-51779
- https://security-tracker.debian.org/tracker/CVE-2023-51779
- https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
- https://git.kernel.org/linus/2e07e8348ea454615e268222ae3fc240421be768
- https://ubuntu.com/security/CVE-2023-51779
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
Parent vulnerabilities
(Appears in the following advisories)
- agent/weakness
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/event
- agent/author
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-51779
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/references
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/nvd-cve
- collector/usn-cve
- source/Ubuntu
- agent/softwarecombine
- agent/tags
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- package-manager/ubuntu
- package-manager/debian