Open witchcraze opened 1 week ago
- CVE-2023-40283
- Suggested Configuration
- OR
  - `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` versions from (including) 3.5 up to (excluding) 4.14.322
  - `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` versions from (including) 4.15 up to (excluding) 4.19.291
  - `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` versions from (including) 4.20 up to (excluding) 5.4.253
  - `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` versions from (including) 5.5 up to (excluding) 5.10.190
  - `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` versions from (including) 5.11 up to (excluding) 5.15.126
  - `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` versions from (including) 5.16 up to (excluding) 6.1.45
  - `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` versions from (including) 6.2 up to (excluding) 6.4.10
- Reference
- https://ubuntu.com/security/CVE-2023-40283
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.14.322
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.19.291
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.253
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.190
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.126
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.45
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.4.10
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.5
- Reference (Commit)
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
- Fixed by
- 4.14.322 (51822644a047eac2310fab0799b64e3430b5a111)
- 4.19.291 (82cdb2ccbe43337798393369f0ceb98699fe6037)
- 5.4.253 (a2da00d1ea1abfb04f846638e210b5b5166e3c9c)
- 5.10.190 (06f87c96216bc5cd1094c23492274f77f1d5dd3b)
- 5.15.126 (fbe5a2fed8156cc19eb3b956602b0a1dd46a302d)
- 6.1.45 (29fac18499332211b2615ade356e2bd8b3269f98)
- 6.4.10 (10426afe65c8bf7b24dd0c7be4dcc65f86fc99f9)
- 6.5 (1728137b33c00d5a2b5110ed7aafb42e7c32e4a1) (upstream)
- Will be introduced by
- https://github.com/torvalds/linux/commit/9f0caeb1deaf (v3.5-rc1)
- I Checked
- From ubuntu page
- Introduced by 9f0caeb1deafa9a894ee03134f6642c3a245b1af Fixed by 1728137b33c00d5a2b5110ed7aafb42e7c32e4a1
- 1728137b33c00d5a2b5110ed7aafb42e7c32e4a1 is written as upstream commit in each ChangeLog
- From the 9f0caeb1deaf commit page, v3.5-rc1 is the oldest in the commit-branches area
[CVE Configuration Update Request] Update Suggestion - CVE-2023-40283 - Cvss3 : 7.8
https://www.linuxkernelcves.com/cves/CVE-2023-40283
https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2023-40283.yml
https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2023-40283.json