CVE-2023-53374

Severity CVSS v4.0:

Pending analysis

Type:

CWE-416 Use After Free

Publication date:

18/09/2025

Last modified:

12/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early Not calling hci_(dis)connect_cfm before deleting conn referred to by a socket generally results to use-after-free. When cleaning up SCO connections when the parent ACL is deleted too early, use hci_conn_failed to do the connection cleanup properly. We also need to clean up ISO connections in a similar situation when connecting has started but LE Create CIS is not yet sent, so do it too here.

Impact

Vector 3.x

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS v3.1 Severity and Metrics:

Base Score: 7.80 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

Base Score 3.x

7.80

Severity 3.x

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:linux:linux_kernel::::::::	6.3.8 (including)	6.4 (excluding)
cpe:2.3:o:linux:linux_kernel::::::::	6.4.1 (including)	6.4.16 (excluding)
cpe:2.3:o:linux:linux_kernel::::::::	6.5 (including)	6.5.3 (excluding)
cpe:2.3:o:linux:linux_kernel:6.4:-::::::
cpe:2.3:o:linux:linux_kernel:6.4:rc4::::::
cpe:2.3:o:linux:linux_kernel:6.4:rc5::::::
cpe:2.3:o:linux:linux_kernel:6.4:rc6::::::
cpe:2.3:o:linux:linux_kernel:6.4:rc7::::::

To consult the complete list of CPE names with products and versions, see this page

CVE-2023-53374

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools