| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Information disclosure |
|
| Description |
| + |
A security issue was found in the Linux kernel before version 5.10.4. A NULL pointer dereference flaw may be seen as the sco_sock_getsockopt function in net/bluetooth/sco.c does not have a sanity check for a socket connection when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with special user privileges to crash the system or leak kernel internal information. |
|
| References |
| + |
https://bugzilla.redhat.com/show_bug.cgi?id=1910048 |
| + |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=6013c99742160d3901c4d108733e29b83b25f452 |
|
| Notes |
|