Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() KSAN reports use-after-free in hci_add_adv_monitor(). While adding an adv monitor, hci_add_adv_monitor() calls -> msft_add_monitor_pattern() calls -> msft_add_monitor_sync() calls -> msft_le_monitor_advertisement_cb() calls in an error case -> hci_free_adv_monitor() which frees the *moniter. This is referenced by bt_dev_dbg() in hci_add_adv_monitor(). Fix the bt_dev_dbg() by using handle instead of monitor->handle.

INFO

Published Date :

2025-12-09T01:29:42.166Z

Last Modified :

2025-12-09T01:29:42.166Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53828 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53828.

URL Resource
https://git.kernel.org/stable/c/81d8e9f59df63b8358751c1ffed9f1cf5c796909 cve-icon cve-icon
https://git.kernel.org/stable/c/8d66f7ced51cb924bc90278d6a0a26a52877271a cve-icon cve-icon
https://git.kernel.org/stable/c/a2bcd2b63271a93a695fabbfbf459c603d956d48 cve-icon cve-icon
https://git.kernel.org/stable/c/aafda69d4807f5edf3558c9534be9b911774e63a cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025120952-CVE-2023-53828-57cf@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53828 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53828 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact