| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091857-CVE-2023-53386-8ab2@gregkh>
Date: Thu, 18 Sep 2025 15:34:31 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2023-53386: Bluetooth: Fix potential use-after-free when clear keys
From: Greg Kroah-Hartman <gregkh@...nel.org>
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: Fix potential use-after-free when clear keys
Similar to commit c5d2b6fa26b5 ("Bluetooth: Fix use-after-free in
hci_remove_ltk/hci_remove_irk"). We can not access k after kfree_rcu()
call.
The Linux kernel CVE team has assigned CVE-2023-53386 to this issue.
Affected and fixed versions
===========================
Issue introduced in 5.7 with commit d7d41682efc25d58b5bd8b80e85e3c9ce586635c and fixed in 5.10.195 with commit e87da6a0ac6e631454e7da53a76aa9fe44aaa5dd
Issue introduced in 5.7 with commit d7d41682efc25d58b5bd8b80e85e3c9ce586635c and fixed in 5.15.132 with commit 942d8cefb022f384d5424f8b90c7878f3f93726f
Issue introduced in 5.7 with commit d7d41682efc25d58b5bd8b80e85e3c9ce586635c and fixed in 6.1.53 with commit 94617b736c25091b60e514e2e7aeafcbbee6b700
Issue introduced in 5.7 with commit d7d41682efc25d58b5bd8b80e85e3c9ce586635c and fixed in 6.4.16 with commit da19f35868dfbecfff4f81166c054d2656cb1be4
Issue introduced in 5.7 with commit d7d41682efc25d58b5bd8b80e85e3c9ce586635c and fixed in 6.5.3 with commit 35cc42f04bc49f0656f6840cb7451b3df6049649
Issue introduced in 5.7 with commit d7d41682efc25d58b5bd8b80e85e3c9ce586635c and fixed in 6.6 with commit 3673952cf0c6cf81b06c66a0b788abeeb02ff3ae
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2023-53386
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
net/bluetooth/hci_core.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/e87da6a0ac6e631454e7da53a76aa9fe44aaa5dd
https://git.kernel.org/stable/c/942d8cefb022f384d5424f8b90c7878f3f93726f
https://git.kernel.org/stable/c/94617b736c25091b60e514e2e7aeafcbbee6b700
https://git.kernel.org/stable/c/da19f35868dfbecfff4f81166c054d2656cb1be4
https://git.kernel.org/stable/c/35cc42f04bc49f0656f6840cb7451b3df6049649
https://git.kernel.org/stable/c/3673952cf0c6cf81b06c66a0b788abeeb02ff3ae
Powered by blists - more mailing lists