CVE-2023-53016

Severity: Medium (CVSS 3.1 base score 5.5) · EPSS 3.5%
Published Mar 27, 2025
Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Fix possible deadlock in rfcomm_sk_state_change

syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. While rfcomm_sock_connect acquires the sk lock and waits for the rfcomm lock, rfcomm_sock_release could have the rfcomm lock and hit a deadlock for acquiring the sk lock. Here's a simplified flow:

    rfcomm_sock_connect:
      lock_sock(sk)
      rfcomm_dlc_open:
        rfcomm_lock()

    rfcomm_sock_release:
      rfcomm_sock_shutdown:
        rfcomm_lock()
        __rfcomm_dlc_close:
          rfcomm_sk_state_change:
            lock_sock(sk)

This patch drops the sk lock before calling rfcomm_dlc_open to avoid the possible deadlock and holds sk's reference count to prevent use-after-free after rfcomm_dlc_open completes.
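
The lock-order inversion in the description, as an added example that is not kernel code and not part of the patch: a userspace C model that records which lock is taken while another is held on each path and reports an ABBA inversion. The helper names (lock_take, lock_drop, trace_connect, trace_release, abba_inversion) are hypothetical, re-taking the sk lock after rfcomm_dlc_open returns is an assumption, and the reference-count hold is not modelled.

```c
#include <stdio.h>
#include <string.h>

/* Lock classes named in the description (userspace model, not kernel code). */
enum { SK_LOCK, RFCOMM_LOCK, NLOCKS };

static int held[NLOCKS];          /* locks held by the path being traced */
static int order[NLOCKS][NLOCKS]; /* order[a][b]: b was taken while a was held */

static void lock_take(int l) {
    for (int h = 0; h < NLOCKS; h++)
        if (held[h]) order[h][l] = 1;   /* record dependency h -> l */
    held[l] = 1;
}
static void lock_drop(int l) { held[l] = 0; }

/* rfcomm_sock_connect; patched=1 drops the sk lock around rfcomm_dlc_open. */
static void trace_connect(int patched) {
    lock_take(SK_LOCK);                  /* lock_sock(sk) */
    if (patched) lock_drop(SK_LOCK);     /* sk lock dropped before dlc_open */
    lock_take(RFCOMM_LOCK);              /* rfcomm_dlc_open: rfcomm_lock() */
    lock_drop(RFCOMM_LOCK);
    if (patched) lock_take(SK_LOCK);     /* assumption: retaken afterwards */
    lock_drop(SK_LOCK);
}

/* rfcomm_sock_release -> rfcomm_sock_shutdown -> ... -> rfcomm_sk_state_change */
static void trace_release(void) {
    lock_take(RFCOMM_LOCK);              /* rfcomm_lock() */
    lock_take(SK_LOCK);                  /* lock_sock(sk) in state_change */
    lock_drop(SK_LOCK);
    lock_drop(RFCOMM_LOCK);
}

/* Returns 1 if the two paths take the locks in opposite orders (ABBA). */
int abba_inversion(int patched) {
    memset(held, 0, sizeof held);
    memset(order, 0, sizeof order);
    trace_connect(patched);
    trace_release();
    return order[SK_LOCK][RFCOMM_LOCK] && order[RFCOMM_LOCK][SK_LOCK];
}

int main(void) {
    printf("pre-patch inversion: %d\n", abba_inversion(0));
    printf("patched inversion:   %d\n", abba_inversion(1));
    return 0;
}
```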

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 2

CWE-416 Use After Free Memory Safety
CWE-667

Affected Products 6

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥5.15 – <5.15.91
linux    linux_kernel   *         ≥5.16 – <6.1.9
linux    linux_kernel   6.2       any
linux    linux_kernel   6.2       any
linux    linux_kernel   6.2       any
linux    linux_kernel   6.2       any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/17511bd84871f4a6106cb335616e086880313f3f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1d80d57ffcb55488f0ec0b77928d4f82d16b6a90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/98aec50ff7f60cc6f2d6a4396b475c547e58b04d
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/17511bd84871f4a6106cb335616e086880313f3f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1d80d57ffcb55488f0ec0b77928d4f82d16b6a90
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/98aec50ff7f60cc6f2d6a4396b475c547e58b04d
    Patch