CVE-2023-53018

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-53018
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53018.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-53018
Published
2025-03-27T16:43:45Z
Modified
2025-10-21T15:19:00.847110Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Bluetooth: hci_conn: Fix memory leaks
Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_conn: Fix memory leaks

When hci_cmd_sync_queue() fails in hci_le_terminate_big() or hci_le_big_terminate(), the memory pointed to by variable d is not freed, which causes a memory leak. Add a release step to the error path.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
eca0ae4aea66914515e5e3098ea051b518ee5316
Fixed
f51a825b9f730a782aa768454906b4468e67b667
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
eca0ae4aea66914515e5e3098ea051b518ee5316
Fixed
3aa21311f36d8a2730c7ccef37235e951f23927b

Affected versions

v5.*

v5.19
v5.19-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.2-rc1
v6.2-rc2
v6.2-rc3

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.0.0
Fixed
6.1.9