Null Pointer Dereference in Linux Kernel Bluetooth Implementation
CVE-2023-53293

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 16 September 2025

What is CVE-2023-53293?

A vulnerability exists in the Linux kernel's Bluetooth subsystem, specifically in the handling of Realtek Bluetooth controllers. The function btrtl_set_quirks() accesses device structures without first checking them for NULL pointers. If a Realtek controller is connected without the appropriate driver, this missing check leads to a NULL pointer dereference, which can trigger a kernel oops. The flaw underscores the importance of robust error checking in driver implementations to ensure system stability.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 253cf30e8d3d001850a95c4729d668f916b037ab
