Linux Kernel Bluetooth Vulnerability in HCI Connection Management
CVE-2023-53374

7.8HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53374?

This vulnerability in the Linux kernel affects the Bluetooth subsystem, specifically in the handling of HCI connections. A use-after-free issue occurs when the cleanup of SCO connections is improperly managed due to early deletion of the parent ACL connection. This failure can lead to significant security risks when attempting to clean up ISO connections, particularly if the LE Create CIS command hasn't been initiated. To mitigate this vulnerability, it's crucial to implement a proper connection cleanup routine using the hci_conn_failed function for both SCO and ISO connections.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ca1fd42e7dbfcb34890ffbf1f2f4b356776dab6f < 397d58007532644b35fad746da48c41161f32a57

Linux ca1fd42e7dbfcb34890ffbf1f2f4b356776dab6f

Linux ca1fd42e7dbfcb34890ffbf1f2f4b356776dab6f < 3344d318337d9dca928fd448e966557ec5063f85

References

https://git.kernel.org/stable/c/397d58007532644b35fad746d...

https://git.kernel.org/stable/c/e94b898463a62b72a2a8b75de...

https://git.kernel.org/stable/c/3344d318337d9dca928fd448e...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025

JSON

Linux

What is CVE-2023-53374?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.