CVE-2023-53145

HIGH EPSS 4.9%
Published May 10, 20251y ago · Modified Jun 17, 20261w ago
7.8 CVSS 3.1
High
Find Similar
Published May 10, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be started in btsdio_send_frame. If the btsdio_remove runs with a unfinished work, there may be a race condition that hdev is freed but used in btsdio_work. Fix it by canceling the work before do cleanup in btsdio_remove.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
4.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 13

VendorProductVersionRange
linuxlinux_kernel* <4.14.326
linuxlinux_kernel*≥4.15  –  <4.19.295
linuxlinux_kernel*≥4.20  –  <5.4.257
linuxlinux_kernel*≥5.5  –  <5.10.195
linuxlinux_kernel*≥5.11  –  <5.15.131
linuxlinux_kernel*≥5.16  –  <6.1.52
linuxlinux_kernel*≥6.2  –  <6.3
linuxlinux_kernel6.3any
linuxlinux_kernel6.3any
linuxlinux_kernel6.3any
linuxlinux_kernel6.3any
linuxlinux_kernel6.3any
linuxlinux_kernel6.3any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/179c65828593aff1f444e15debd40a477cb23cf4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3efcbf25e5ab4d4ad1b7e6ba0869ff85540e3f6e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73f7b171b7c09139eb3c6a5677c200dc1be5f318
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/746b363bef41cc159c051c47f9e30800bc6b520d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5c2a467e9e789ae0891de55b766daac52e3b7b3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a6650d27ab2c12a8ee750f396edb5ac8b4558b2e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/179c65828593aff1f444e15debd40a477cb23cf4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3efcbf25e5ab4d4ad1b7e6ba0869ff85540e3f6e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73f7b171b7c09139eb3c6a5677c200dc1be5f318
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/746b363bef41cc159c051c47f9e30800bc6b520d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a5c2a467e9e789ae0891de55b766daac52e3b7b3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a6650d27ab2c12a8ee750f396edb5ac8b4558b2e
    Patch