CVE-2023-54197

high

Description

In the Linux kernel, the following vulnerability has been resolved:

Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"

This reverts commit 1e9ac114c4428fdb7ff4635b45d4f46017e8916f.

This patch introduces a possible null-ptr-deref problem. Revert it. And the bug fixed by this patch has been resolved by commit 73f7b171b7c0 ("Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition").

References

https://git.kernel.org/stable/c/de0ffb5145c9f418ad76f00e58d4b91c680410b2

https://git.kernel.org/stable/c/db2bf510bd5d57f064d9e1db395ed86a08320c54

https://git.kernel.org/stable/c/d8d7ce037d9a8f1f0714ece268c4c2c50845bbc3

https://git.kernel.org/stable/c/a789192f366147a0fbb395650079906d1d04e0b9

https://git.kernel.org/stable/c/952030c914b5f2288609efe868537afcff7a3f51

https://git.kernel.org/stable/c/8f83fa62614c282dd5d1211a0dd99c6a0a515b81

https://git.kernel.org/stable/c/70a104588e3131415e559c06deb834ce259a285a

https://git.kernel.org/stable/c/3b4ed52009723f7dfca7a8ca95163bfb441bfb76

https://git.kernel.org/stable/c/0837d10f6c37a47a0c73bccf1e39513613a2fcc2

Details

Source: Mitre, NVD

Published: 2025-12-30

Updated: 2025-12-31

Risk Information

CVSS v2

Base Score: 5.4

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00033