7.8
CVE-2023-53374
- EPSS 0.02%
- Veröffentlicht 18.09.2025 13:33:20
- Zuletzt bearbeitet 12.12.2025 17:27:35
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early Not calling hci_(dis)connect_cfm before deleting conn referred to by a socket generally results to use-after-free. When cleaning up SCO connections when the parent ACL is deleted too early, use hci_conn_failed to do the connection cleanup properly. We also need to clean up ISO connections in a similar situation when connecting has started but LE Create CIS is not yet sent, so do it too here.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.3.8 < 6.4
Linux ≫ Linux Kernel Version >= 6.4.1 < 6.4.16
Linux ≫ Linux Kernel Version >= 6.5 < 6.5.3
Linux ≫ Linux Kernel Version6.4 Update-
Linux ≫ Linux Kernel Version6.4 Updaterc4
Linux ≫ Linux Kernel Version6.4 Updaterc5
Linux ≫ Linux Kernel Version6.4 Updaterc6
Linux ≫ Linux Kernel Version6.4 Updaterc7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.035 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.