fkie_cve-2023-53145
Vulnerability from fkie_nvd
Published
2025-05-10 15:15
Modified
2025-05-12 17:32
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition In btsdio_probe, the data->work is bound with btsdio_work. It will be started in btsdio_send_frame. If the btsdio_remove runs with a unfinished work, there may be a race condition that hdev is freed but used in btsdio_work. Fix it by canceling the work before do cleanup in btsdio_remove.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/179c65828593aff1f444e15debd40a477cb23cf4
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3efcbf25e5ab4d4ad1b7e6ba0869ff85540e3f6e
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/73f7b171b7c09139eb3c6a5677c200dc1be5f318
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/746b363bef41cc159c051c47f9e30800bc6b520d
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a5c2a467e9e789ae0891de55b766daac52e3b7b3
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a6650d27ab2c12a8ee750f396edb5ac8b4558b2e
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition\n\nIn btsdio_probe, the data-\u003ework is bound with btsdio_work. It will be\nstarted in btsdio_send_frame.\n\nIf the btsdio_remove runs with a unfinished work, there may be a race\ncondition that hdev is freed but used in btsdio_work. Fix it by\ncanceling the work before do cleanup in btsdio_remove."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: Bluetooth: btsdio: se corrige el error de use after free en btsdio_remove debido a una condici\u00f3n de ejecuci\u00f3n. En btsdio_probe, el trabajo data-\u0026gt;work est\u00e1 enlazado con btsdio_work. Se iniciar\u00e1 en btsdio_send_frame. Si btsdio_remove se ejecuta con un trabajo sin terminar, puede existir una condici\u00f3n de carrera que indique que hdev se libera, pero se usa en btsdio_work. Para solucionarlo, cancele el trabajo antes de realizar la limpieza en btsdio_remove."
    }
  ],
  "id": "CVE-2023-53145",
  "lastModified": "2025-05-12T17:32:32.760",
  "metrics": {},
  "published": "2025-05-10T15:15:58.587",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/179c65828593aff1f444e15debd40a477cb23cf4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/3efcbf25e5ab4d4ad1b7e6ba0869ff85540e3f6e"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/73f7b171b7c09139eb3c6a5677c200dc1be5f318"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/746b363bef41cc159c051c47f9e30800bc6b520d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a5c2a467e9e789ae0891de55b766daac52e3b7b3"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a6650d27ab2c12a8ee750f396edb5ac8b4558b2e"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.