CVE-2023-53673

7.8 HIGH

📋 TL;DR

A use-after-free vulnerability in the Linux kernel's Bluetooth subsystem allows attackers to cause denial of service (system crashes) or potentially execute arbitrary code. The vulnerability occurs when the kernel fails to properly clean up ISO, L2CAP, and SCO connections before deleting them during failed disconnections. This affects any Linux system with Bluetooth enabled.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernels that do not include the fix commits (specific versions vary by distribution; generally Linux kernel versions before the fix in late 2023)
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Bluetooth enabled and in use. The vulnerability is triggered during failed Bluetooth disconnections.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and potential remote code execution with kernel privileges.

🟠 Likely Case: System instability, kernel crashes, and denial of service affecting Bluetooth functionality.

🟢 If Mitigated: Limited impact if Bluetooth is disabled or restricted to trusted devices only.

🌐 Internet-Facing: LOW - Bluetooth typically has limited range and isn't internet-facing, though Bluetooth over IP could increase risk.
🏢 Internal Only: MEDIUM - Attackers within Bluetooth range could exploit this, but requires proximity or network access to Bluetooth-enabled systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires triggering a failed Bluetooth disconnection, which could be done by interfering with Bluetooth connections. No public exploit code is known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 093a07052406b363b1b2ab489e17dbadaf3e509b, 59bd1e476bbc7bc6dff3c61bba787095a4839796, 7f7cfcb6f0825652973b780f248603e23f16ee90

Vendor Advisory: https://git.kernel.org/stable/c/093a07052406b363b1b2ab489e17dbadaf3e509b

Restart Required: Yes

Instructions:

1. Update your Linux kernel to a version containing the fix.
2. Check your distribution's security advisories for specific patched versions.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable Bluetooth

linux

Completely disable Bluetooth functionality to prevent exploitation

systemctl stop bluetooth
systemctl disable bluetooth
rfkill block bluetooth

Restrict Bluetooth connections

linux

Configure Bluetooth to only accept connections from trusted devices

Configure Bluetooth settings to require pairing and only allow known devices

🧯 If You Can't Patch

  • Disable Bluetooth entirely on critical systems
  • Implement network segmentation to isolate Bluetooth-enabled systems
  • Monitor for Bluetooth connection anomalies and system crashes

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories. Vulnerable if using kernel versions before the fix commits.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to a version containing the fix commits. Check distribution security bulletins for confirmation.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • Bluetooth subsystem crashes
  • Use-after-free errors in kernel logs
  • System crashes during Bluetooth operations

Network Indicators:

  • Abnormal Bluetooth disconnection patterns
  • Multiple failed Bluetooth connection attempts

SIEM Query:

Search for kernel panic events, Bluetooth subsystem errors, or system crashes in system logs
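
Added example (not part of the original advisory): one way to turn the log indicators above into a triage filter over kernel log text. The header strings and the Bluetooth symbol prefixes (hci_, l2cap_, sco_, iso_) are assumed heuristics, not signatures published for this CVE, and the sample log lines are constructed.

```shell
#!/usr/bin/env bash
# Triage filter for the log indicators listed above (added example).
# Assumption: a report is "Bluetooth-related" when a symbol with one of the
# prefixes hci_, l2cap_, sco_ or iso_ appears on the header line or in the
# lines that follow it. This is a heuristic, not a CVE-specific signature.

# Reads kernel log text on stdin. Prints "SUSPECT: <header line>" once per
# memory-error or panic report that names a Bluetooth symbol within WINDOW
# lines (first argument, default 25) of the report header.
bt_uaf_scan() {
  awk -v window="${1:-25}" '
    /BUG: KASAN: (slab-)?use-after-free|general protection fault|Kernel panic - not syncing/ {
      header = $0; left = window; hit = 0
    }
    left > 0 {
      # A leading space is prepended so a symbol at column 0 still matches.
      if (!hit && (" " $0) ~ /[^A-Za-z0-9_](hci|l2cap|sco|iso)_[a-z0-9_]+[+]0x/) {
        print "SUSPECT: " header
        hit = 1
      }
      left--
    }
  '
}

# Constructed sample: one report in Bluetooth code, one in unrelated code.
sample_log() {
  cat <<'EOF'
[  101.000001] Bluetooth: hci0: link lost (constructed line)
[  101.000100] BUG: KASAN: slab-use-after-free in hci_conn_del+0x1a/0x200
[  101.000110] Call Trace:
[  101.000120]  l2cap_conn_del+0x40/0x300
[  250.000001] BUG: KASAN: use-after-free in ext4_readdir+0x10/0x90
[  250.000010] Call Trace:
[  250.000020]  iterate_dir+0x50/0x1a0
EOF
}

# Demo on the constructed sample. On a live host, feed the kernel log instead:
#   journalctl -k --no-pager | bt_uaf_scan
sample_log | bt_uaf_scan
```

KASAN reports only appear on kernels built with KASAN enabled; on production kernels the panic and general protection fault headers are the ones likely to fire.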
