CVE-2023-53827 — Use After Free in Linux

CWE-416 — Use After Free7 documents6 sources

Severity

7.5HIGH

No vector

EPSS

0.0%

top 85.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to prevent referencing a channel that is about to be destroyed.

Affected Packages4 packages

▶Linuxlinux/linux_kernel3.5.0 — 4.14.313+6

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux61d6ef3e3408cdf7e622646fb90a9f7f9560b943 — f2d38e77aa5f3effc143e7dd24da8acf02925958+8

▶debiandebian/linux< linux 6.1.25-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2023-53827: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to comm↗2025-12-09

▶

OSV

Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}↗2025-12-09

▶

GHSA

GHSA-gvg6-6cf6-h6vq: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to co↗2025-12-09

▶

📋Vendor Advisories

Red Hat

kernel: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}↗2025-12-09

▶

Debian

CVE-2023-53827: linux - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-53827 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶