CVE-2023-28866

MEDIUM

Linux kernel <6.2.8 - Memory Corruption

Title source: llm

Description

In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.

References (3)

Core 3

Core References

Issue Tracking

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=95084403f8c070ccf5d7cbe72352519c1798a40a

Mailing List

https://lore.kernel.org/lkml/20230321015018.1759683-1-iam%40sung-woo.kim/

Various Sources

https://patchwork.kernel.org/project/bluetooth/patch/20230322232543.3079578-1-luiz.dentz%40gmail.com

Scores

CVSS v3 5.3

EPSS 0.0003

EPSS Percentile 9.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-125

Status published

Products (1)

linux/linux_kernel < 6.2.8

Published Mar 27, 2023

Tracked Since Feb 18, 2026