PT-2025-13362 · Linux+4 · Linux Kernel+4

Published: 2024-04-30 · Updated: 2025-09-29 · CVE-2023-53016

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A possible deadlock in the Linux kernel's Bluetooth functionality has been identified. The issue occurs when rfcomm_sock_connect acquires the sk lock and waits for the rfcomm lock, while rfcomm_sock_release could hold the rfcomm lock and attempt to acquire the sk lock, resulting in a deadlock. The vulnerability is related to the rfcomm_sk_state_change function.

Recommendations

To resolve the issue, apply the patch that drops the sk lock before calling rfcomm_dlc_open to avoid the possible deadlock and holds sk's reference count to prevent a use-after-free after rfcomm_dlc_open completes.
Note: Since the provided information does not specify the exact affected versions or a fixed version, it is not possible to provide version-specific recommendations.
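The lock ordering described above can be checked with a small user-space model. This is an added example, not the kernel patch or kernel code: the lock tracker, `connect_path`, `release_path`, `dlc_open` and the reference counter are hypothetical stand-ins that only record the order in which each path takes the sk and rfcomm locks.

```c
#include <stdio.h>
#include <string.h>

enum { LOCK_SK, LOCK_RFCOMM, NLOCKS };
struct task { int held[NLOCKS]; };        /* locks one task currently holds */
static int edge[NLOCKS][NLOCKS];          /* edge[a][b]: b taken while a held */
static int sk_refs, refs_seen_in_open;    /* modelled sk reference count */

static void acquire(struct task *t, int l)
{
    for (int h = 0; h < NLOCKS; h++)
        if (t->held[h]) edge[h][l] = 1;   /* record the observed order */
    t->held[l] = 1;
}
static void release(struct task *t, int l) { t->held[l] = 0; }

/* Stand-in for rfcomm_dlc_open(): it needs the rfcomm lock. */
static void dlc_open(struct task *t)
{
    acquire(t, LOCK_RFCOMM);
    refs_seen_in_open = sk_refs;
    release(t, LOCK_RFCOMM);
}

/* Connect path; fixed=1 holds a reference and drops the sk lock first. */
static void connect_path(struct task *t, int fixed)
{
    acquire(t, LOCK_SK);
    if (fixed) { sk_refs++; release(t, LOCK_SK); }
    dlc_open(t);
    if (fixed) acquire(t, LOCK_SK);
    release(t, LOCK_SK);
    if (fixed) sk_refs--;
}
/* Release path as the description gives it: rfcomm lock, then sk lock. */
static void release_path(struct task *t)
{
    acquire(t, LOCK_RFCOMM); acquire(t, LOCK_SK);
    release(t, LOCK_SK); release(t, LOCK_RFCOMM);
}
/* Returns 1 if the two paths take sk and rfcomm in opposite orders. */
int has_inversion(int fixed)
{
    struct task a = {{0}}, b = {{0}};
    memset(edge, 0, sizeof edge); sk_refs = 1;
    connect_path(&a, fixed); release_path(&b);
    return edge[LOCK_SK][LOCK_RFCOMM] && edge[LOCK_RFCOMM][LOCK_SK];
}
int main(void) { printf("%d %d\n", has_inversion(0), has_inversion(1)); return 0; }
```

With the sk lock dropped before the open call, the connect path never holds both locks at once, and the extra reference is what keeps the socket alive while it is unlocked.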

Exploit

Fix

DoS

Improper Locking

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
BDU:2025-06353
CVE-2023-53016
OPENSUSE-SU-2025_1195-1
RHSA-2024:2394
RHSA-2024_2394
SUSE-SU-2025:1176-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1195-1
SUSE-SU-2025:1241-1
SUSE-SU-2025_1195-1
SUSE-SU-2025_1241-1

Affected Products

Astra Linux
Linux Kernel
Red Hat
Red Os
Suse