[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-DEBIAN-CVE-2023-53762":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":19,"modified_at":20,"state":9,"summary":21,"references_raw":23,"kevs":30,"epss":9,"epss_history":31,"metrics":32,"affected":33},"DEBIAN-CVE-2023-53762","In the Linux kernel, the following vulnerability has been resolved:  Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync  Use-after-free can occur in hci_disconnect_all_sync if a connection is deleted by concurrent processing of a controller event.  To prevent this the code now tries to iterate over the list backwards to ensure the links are cleanup before its parents, also it no longer relies on a cursor, instead it always uses the last element since hci_abort_conn_sync is guaranteed to call hci_conn_del.  UAF crash log: ================================================================== BUG: KASAN: slab-use-after-free in hci_set_powered_sync (net/bluetooth/hci_sync.c:5424) [bluetooth] Read of size 8 at addr ffff888009d9c000 by task kworker/u9:0/124  CPU: 0 PID: 124 Comm: kworker/u9:0 Tainted: G        W 6.5.0-rc1+ #10 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014 Workqueue: hci0 hci_cmd_sync_work [bluetooth] Call Trace:  \u003CTASK>  dump_stack_lvl+0x5b/0x90  print_report+0xcf/0x670  ? __virt_addr_valid+0xdd/0x160  ? hci_set_powered_sync+0x2c9/0x4a0 [bluetooth]  kasan_report+0xa6/0xe0  ? hci_set_powered_sync+0x2c9/0x4a0 [bluetooth]  ? __pfx_set_powered_sync+0x10/0x10 [bluetooth]  hci_set_powered_sync+0x2c9/0x4a0 [bluetooth]  ? __pfx_hci_set_powered_sync+0x10/0x10 [bluetooth]  ? __pfx_lock_release+0x10/0x10  ? __pfx_set_powered_sync+0x10/0x10 [bluetooth]  hci_cmd_sync_work+0x137/0x220 [bluetooth]  process_one_work+0x526/0x9d0  ? __pfx_process_one_work+0x10/0x10  ? __pfx_do_raw_spin_lock+0x10/0x10  ? mark_held_locks+0x1a/0x90  worker_thread+0x92/0x630  ? __pfx_worker_thread+0x10/0x10  kthread+0x196/0x1e0  ? __pfx_kthread+0x10/0x10  ret_from_fork+0x2c/0x50  \u003C/TASK>  Allocated by task 1782:  kasan_save_stack+0x33/0x60  kasan_set_track+0x25/0x30  __kasan_kmalloc+0x8f/0xa0  hci_conn_add+0xa5/0xa80 [bluetooth]  hci_bind_cis+0x881/0x9b0 [bluetooth]  iso_connect_cis+0x121/0x520 [bluetooth]  iso_sock_connect+0x3f6/0x790 [bluetooth]  __sys_connect+0x109/0x130  __x64_sys_connect+0x40/0x50  do_syscall_64+0x60/0x90  entry_SYSCALL_64_after_hwframe+0x6e/0xd8  Freed by task 695:  kasan_save_stack+0x33/0x60  kasan_set_track+0x25/0x30  kasan_save_free_info+0x2b/0x50  __kasan_slab_free+0x10a/0x180  __kmem_cache_free+0x14d/0x2e0  device_release+0x5d/0xf0  kobject_put+0xdf/0x270  hci_disconn_complete_evt+0x274/0x3a0 [bluetooth]  hci_event_packet+0x579/0x7e0 [bluetooth]  hci_rx_work+0x287/0xaa0 [bluetooth]  process_one_work+0x526/0x9d0  worker_thread+0x92/0x630  kthread+0x196/0x1e0  ret_from_fork+0x2c/0x50 ==================================================================",null,[],[],[],[14],{"_key":15},"CVE-2023-53762",[],[],[],"2025-12-08T02:15:52.043Z","2026-04-28T20:27:09.245001Z",{"cisa_kev":22,"cisa_ransomware":22,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[24],{"url":25,"sources":26,"tags":28},"https://security-tracker.debian.org/tracker/CVE-2023-53762",[27],"osv_debian",[29],"Advisory",[],[],[],[34],{"ecosystem":35,"name":36,"vendor":37,"product":36,"cpe_part":9,"purl_type":38,"purl_namespace":37,"purl_name":36,"source":9,"versions":39},"Debian","linux","debian","deb",[40,44,48],{"version":41,"is_range":42,"range_type":43,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"ecosystem",{"version":45,"is_range":42,"range_type":43,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9},"lt6_5_3_1","6.5.3-1","excluding",{"version":45,"is_range":42,"range_type":43,"version_start":9,"version_start_type":9,"version_end":46,"version_end_type":47,"fixed_in":9}]