CVE-2023-53828
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-09
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a use-after-free issue in the Linux kernel's Bluetooth subsystem, specifically in the function hci_add_adv_monitor(). During the process of adding an advertising monitor, a sequence of function calls can lead to freeing a monitor object prematurely in an error case. The problem arises because the debugging function bt_dev_dbg() incorrectly uses the freed monitor pointer instead of a safe handle, which can cause the system to access memory that has already been freed.
How can this vulnerability impact me? :
The use-after-free vulnerability can lead to undefined behavior such as system crashes, memory corruption, or potentially allow an attacker to execute arbitrary code within the kernel. This can compromise system stability and security, especially on devices using the affected Linux kernel Bluetooth functionality.