A security issue was found in the Linux kernel before version 5.10.4. A NULL pointer dereference flaw may be seen as the sco_sock_getsockopt function in net/bluetooth/sco.c does not have a sanity check for a socket connection when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with special user privileges to crash the system or leak kernel internal information.
A security issue was found in the Linux kernel before version 5.10.4. A NULL pointer dereference flaw may be seen as the sco_sock_getsockopt function in net/bluetooth/sco.c does not have a sanity check for a socket connection when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with special user privileges to crash the system or leak kernel internal information.
https://bugzilla.redhat.com/show_bug.cgi?id=1910048 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=6013c99742160d3901c4d108733e29b83b25f452
Vulmon