CVE-2023-53374

Published: Sep 18, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early Not calling hci_(dis)connect_cfm before deleting conn referred to by a socket generally results to use-after-free. When cleaning up SCO connections when the parent ACL is deleted too early, use hci_conn_failed to do the connection cleanup properly. We also need to clean up ISO connections in a similar situation when connecting has started but LE Create CIS is not yet sent, so do it too here.

Vendor	Product	Versions
Linux	Linux	affected `ca1fd42e7dbfcb34890ffbf1f2f4b356776dab6f - < 397d58007532644b35fad746da48c41161f32a57` affected `ca1fd42e7dbfcb34890ffbf1f2f4b356776dab6f - < e94b898463a62b72a2a8b75dea8936bf4db78e00` affected `ca1fd42e7dbfcb34890ffbf1f2f4b356776dab6f - < 3344d318337d9dca928fd448e966557ec5063f85` affected `75e35bd4b7935ceed2aacd82f55940e73bf0b63b` affected `6.3.8 - < 6.4`
Linux	Linux	affected `6.4` unaffected `0 - < 6.4` unaffected `6.4.16 - <= 6.4.` unaffected `6.5.3 - <= 6.5.` unaffected `6.6 - <= *`

References

https://git.kernel.org/stable/c/397d58007532644b35fad746da48c41161f32a57

https://git.kernel.org/stable/c/e94b898463a62b72a2a8b75dea8936bf4db78e00

https://git.kernel.org/stable/c/3344d318337d9dca928fd448e966557ec5063f85

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-53374

Description

Affected Products

References