PT-2025-38023 · Linux+6 · Linux Kernel+6

Published: 2023-06-29 · Updated: 2025-11-19 · CVE-2023-53305

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A use-after-free issue was identified and resolved in the L2CAP (Logical Link Control and Adaptation Protocol) layer of the Bluetooth stack within the Linux kernel. The vulnerability specifically affects the l2cap_le_command_rej function.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2025:17797
ALSA-2025:17812
ALSA-2025_16880
ALSA-2025_17797
ALSA-2025_17812
BDU:2026-02200
CESA-2025_17797
CESA-2025_17812
CVE-2023-53305
INFSA-2025_17797
INFSA-2025_17812
RHSA-2025:19222
RHSA-2025:21051
RHSA-2025:21091
RHSA-2025:21128
RHSA-2025:21136
RHSA-2025_17797
RHSA-2025_17812
SUSE-SU-2025:03600-1
SUSE-SU-2025:03614-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1

Affected Products

Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse