

CVE-2025-39861

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhci_release(), before associated data structures are freed.

Previously, debugfs files such as "force_suspend", "force_wakeup", and others were created under hdev->debugfs but not removed in vhci_release(). Since vhci_release() frees the backing vhci_data structure, any access to these files after release would result in use-after-free errors.

Although hdev->debugfs is later freed in hci_release_dev(), user can access files after vhci_data is freed but before hdev->debugfs is released.

POC

Reference

No PoCs from references.

Github

- https://github.com/w4zu/Debian_security