CVE-2023-1902

HIGH Year: 2023
CVSS v3 Score
8.0
High
Weakness Type
CWE-416
View all →

Vulnerability Description

The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer.

Related Vulnerabilities

CVE-2017-1635

HIGH
CVSS:8.0(High)

IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute ...

CWE-4162017

CVE-2017-5074

HIGH
CVSS:8.0(High)

A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth.

CWE-4162017

CVE-2018-11529

HIGH
CVSS:8.0(High)

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in...

CWE-4162018

CVE-2018-3939

HIGH
CVSS:8.0(High)

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object i...

CWE-4162018

CVE-2018-3940

HIGH
CVSS:8.0(High)

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object i...

CWE-4162018

CVE-2018-3941

HIGH
CVSS:8.0(High)

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed obj...

CWE-4162018