CVE-2023-53018

EPSS 0.02%
Veröffentlicht 27.03.2025 16:43:45
Zuletzt bearbeitet 01.10.2025 18:15:35
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

Bluetooth: hci_conn: Fix memory leaks

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_conn: Fix memory leaks

When hci_cmd_sync_queue() failed in hci_le_terminate_big() or
hci_le_big_terminate(), the memory pointed by variable d is not freed,
which will cause memory leak. Add release process to error path.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

NVD 5 VulnDex Vulnerability Enrichment 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.0 < 6.1.9

Linux ≫ Linux Kernel Version6.2 Updaterc1

Linux ≫ Linux Kernel Version6.2 Updaterc2

Linux ≫ Linux Kernel Version6.2 Updaterc3

Linux ≫ Linux Kernel Version6.2 Updaterc4

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.06

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/f51a825b9f730a782aa768454906b4468e67b667

Patch

https://git.kernel.org/stable/c/3aa21311f36d8a2730c7ccef37235e951f23927b

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-53018

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53018

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53018

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-53018