CVE-2023-53293 — NULL Pointer Dereference in Kernel

CWE-476 — NULL Pointer Dereference4 documents3 sources

Severity

5.5MEDIUM

No vector

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel

Timeline

PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_set_quirks() The btrtl_set_quirks() has accessed btrtl_dev->ic_info->lmp_subver since b8e482d02513. However, if installing a Realtek Bluetooth controller without the driver supported, it will hit the NULL point accessed. Add a check for NULL to avoid the Kernel Oops.

Affected Packages2 packages

▶Linuxlinux/linux_kernel6.2.0 — 6.3.4+1

▶Debianlinux/linux_kernel< 6.1.37-1+2

🔴Vulnerability Details

GHSA

GHSA-v28r-c43q-q6qm: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_set_quirks() The btrtl_set_quirks() ha↗2025-09-16

▶

OSV

Bluetooth: btrtl: check for NULL in btrtl_set_quirks()↗2025-09-16

▶

OSV

CVE-2023-53293: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtl_set_quirks() The btrtl_set_quirks() has↗2025-09-16

▶

📋Vendor Advisories

Red Hat

kernel: Bluetooth: btrtl: check for NULL in btrtl_set_quirks()↗2025-09-16

▶