PT-2025-18810 · Linux+4 · Linux Kernel+4

Published

2023-03-04

Updated

2026-01-28

CVE-2023-53046

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A potential race condition exists in the Linux kernel's Bluetooth functionality, specifically in hci cmd sync work and hci cmd sync clear. This could lead to a use-after-free condition, causing a kernel panic when the freed entry of cmd sync work list is used in hci cmd sync work. The issue is related to the req workqueue and the freeing of the cmd sync work list entry in hci cmd sync clear.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

ALSA-2025_16880

BDU:2025-06788

CVE-2023-53046

RHSA-2024:2394

RHSA-2024_2394

SUSE-SU-2025:02264-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:2264-1

SUSE-SU-2025_02264-1

Affected Products

Astra Linux

Linux Kernel

Red Hat

Red Os

Suse

PT-2025-18810 · Linux+4 · Linux Kernel+4

CVE-2023-53046

Weakness Enumeration

Related Identifiers

Affected Products

References · 583