CVE-2023-53016

MEDIUM 5.5

Bluetooth: Fix possible deadlock in rfcomm_sk_state_change

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. While rfcomm_sock_connect acquires the sk lock and waits for the rfcomm lock, rfcomm_sock_release could have the rfcomm lock and hit a deadlock for acquiring the sk lock. Here's a simplified flow: rfcomm_sock_connect: lock_sock(sk) rfcomm_dlc_open: rfcomm_lock() rfcomm_sock_release: rfcomm_sock_shutdown: rfcomm_lock() __rfcomm_dlc_close: rfcomm_k_state_change: lock_sock(sk) This patch drops the sk lock before calling rfcomm_dlc_open to avoid the possible deadlock and holds sk's reference count to prevent use-after-free after rfcomm_dlc_open completes.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Mar 27, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new medium vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1804fdf6e494e5e2938c65d8391690b59bcff897 < 98aec50ff7f60cc6f2d6a4396b475c547e58b04d 1804fdf6e494e5e2938c65d8391690b59bcff897 < 17511bd84871f4a6106cb335616e086880313f3f 1804fdf6e494e5e2938c65d8391690b59bcff897 < 1d80d57ffcb55488f0ec0b77928d4f82d16b6a90

Linux / Linux

5.15

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/98aec50ff7f60cc6f2d6a4396b475c547e58b04d git.kernel.org: https://git.kernel.org/stable/c/17511bd84871f4a6106cb335616e086880313f3f git.kernel.org: https://git.kernel.org/stable/c/1d80d57ffcb55488f0ec0b77928d4f82d16b6a90