Bluetooth Vulnerability in Linux Kernel Affecting HCI Devices
CVE-2023-53520

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
1 October 2025

What is CVE-2023-53520?

A vulnerability in the Linux kernel's Bluetooth subsystem can lead to crashes when the hci_dev object is improperly handled. In scenarios where hci_unregister_dev() frees the object, concurrent access by hci_suspend_notifier may cause a crash. To mitigate this risk, a patch was implemented to maintain the reference count of the hci_dev object during processing in hci_suspend_notifier, preventing potential race conditions.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 06e2b5ad72b60f90bfe565c201346532e271f484

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 573ebae162111063eedc6c838a659ba628f66a0f

References

https://git.kernel.org/stable/c/06e2b5ad72b60f90bfe565c20...
https://git.kernel.org/stable/c/f9c8ce5d665653e3cf71a7634...
https://git.kernel.org/stable/c/573ebae162111063eedc6c838...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2023-53520 : Bluetooth Vulnerability in Linux Kernel Affecting HCI Devices