CVE-2023-53827
Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
Description
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}

Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to prevent referencing a channel that is about to be destroyed.
INFO
Published Date: Dec. 9, 2025, 4:17 p.m.
Last Modified: Dec. 9, 2025, 6:37 p.m.
Remotely Exploit: No
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the Linux kernel to the latest version.
- Apply the provided patch for the Bluetooth L2CAP module.
- Recompile and install the updated kernel.
- Restart the system to apply changes.
The following table lists the changes that have been made to the
CVE-2023-53827 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67, Dec. 09, 2025

| Action | Type | Old Value | New Value |
| --- | --- | --- | --- |
| Added | Description | | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} Similar to commit d0be8347c623 ("Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put"), just use l2cap_chan_hold_unless_zero to prevent referencing a channel that is about to be destroyed. |
| Added | Reference | | https://git.kernel.org/stable/c/1351551aa9058e07a20a27a158270cf84fcde621 |
| Added | Reference | | https://git.kernel.org/stable/c/348d446762e7c70778df8bafbdf3fa0df2123f58 |
| Added | Reference | | https://git.kernel.org/stable/c/a2a9339e1c9deb7e1e079e12e27a0265aea8421a |
| Added | Reference | | https://git.kernel.org/stable/c/ac6725a634f7e8c0330610a8527f20c730b61115 |
| Added | Reference | | https://git.kernel.org/stable/c/c02421992505c95c7f3c9ad59ee35e22eac60988 |
| Added | Reference | | https://git.kernel.org/stable/c/d82a439c3cfdb28aa7e82e2e849c5c4dd9fca284 |
| Added | Reference | | https://git.kernel.org/stable/c/d9ba36c22a7bb09d6bac4cc2f243eff05da53f43 |
| Added | Reference | | https://git.kernel.org/stable/c/f2d38e77aa5f3effc143e7dd24da8acf02925958 |