← Back

CVE-2023-53374

nvd nist
Published: Sep 18, 2025Modified: Jun 17, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early Not calling hci_(dis)connect_cfm before deleting conn referred to by a socket generally results to use-after-free. When cleaning up SCO connections when the parent ACL is deleted too early, use hci_conn_failed to do the connection cleanup properly. We also need to clean up ISO connections in a similar situation when connecting has started but LE Create CIS is not yet sent, so do it too here.

Affected (8)

Products: Linux: Linux Kernel
1 product
Linux Kernel
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Linux
From 6.3.8 to 6.4
From 6.4.1 to 6.4.16
From 6.5 to 6.5.3
Version 6.4
Version 6.4 rc4
Version 6.4 rc5
Version 6.4 rc6
Version 6.4 rc7

References (3)

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch

Timeline

No history available yet.