Description
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur.
References (6)
Core 6
Core References
Mailing List
https://lore.kernel.org/all/CA+UBctC3p49aTgzbVgkSZ2+TQcqq4fPDO7yZitFT5uBPDeCO2g%40mail.gmail.com/
Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=1210780
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230929-0003/
Scores
CVSS v3
4.7
EPSS
0.0033
EPSS Percentile
24.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-362
CWE-476
Status
published
Products (1)
linux/linux_kernel
6.2
Published
Apr 24, 2023
Tracked Since
Feb 18, 2026