LiveActive security incident?Get immediate response
CVE Record

CVE-2023-54197: Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"

In the Linux kernel, the following vulnerability has been resolved: Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" This reverts commit 1e9ac114c4428fdb7ff4635b45d4f46017e8916f. This patch introduces a possible null-ptr-def problem. Revert it. And the fixed bug by this patch have resolved by commit 73f7b171b7c0 ("Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition").

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

This CVE concerns the Linux kernel Bluetooth SDIO driver. A prior kernel patch meant to fix a use-after-free issue introduced a possible null-pointer problem, so Linux reverted it. The public bundle provides no CVSS score, no CWE, and no active exploitation evidence.

Executive priority

Handle through normal kernel patch management unless Bluetooth SDIO exposure is confirmed on sensitive systems. The urgency is limited by missing severity data and no cited exploitation, but kernel issues still warrant timely maintenance.

Technical view

The issue is in Linux Bluetooth btsdio cleanup logic. Commit 1e9ac114c442 was reverted because it could introduce a possible null-pointer dereference condition. The original use-after-free concern was reportedly addressed separately by commit 73f7b171b7c0. Multiple Linux stable commits are cited as the resolution path.

Likely exposure

Exposure is most relevant to Linux systems running affected kernel versions or custom kernels containing the problematic btsdio change, especially where Bluetooth SDIO support is present. The bundle does not identify distributions, appliances, or cloud services as affected.

Exploitation context

The CVE is not marked as KEV, and the supplied sources do not report exploitation, public exploit code, or attack prerequisites. Treat exploitability as unclear until vendor advisories or kernel maintainers provide more detail.

Researcher notes

Key uncertainty is exploitability. The record describes a regression-style kernel fix: reverting a patch that introduced a possible null-pointer issue while relying on a separate race-condition fix. Validate branch-specific status carefully because the source bundle lists mixed commit hashes and kernel releases.

Mitigation direction

  • Apply vendor or distribution kernel updates that include the referenced stable Linux fixes.
  • Prioritize systems using Bluetooth SDIO hardware or custom kernels carrying the reverted commit.
  • If no vendor patch is available, track Linux stable guidance before backporting.
  • Treat workaround decisions as environment-specific because sources do not name a mitigation.

Validation and detection

  • Inventory Linux kernel versions and compare them with the CVE-listed affected releases.
  • Check whether Bluetooth SDIO btsdio support is present and used on relevant systems.
  • Verify distribution advisories or kernel changelogs include a referenced stable fix commit.
  • Confirm updated kernels boot successfully and Bluetooth behavior remains acceptable.
Prepared
Confidence
medium
Sources
11

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2023-54197 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
10Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux95eacef5692545f199fae4e52abfbfa273acb351, af4d48754d5517d33bac5e504ff1f1de0808e29e, a18fb433ceb56e0787546a9d77056dd0f215e762, da3d3fdfb4d523c5da30e35a8dd90e04f0fd8962, 8efae2112d910d8e5166dd0a836791b08721eef1, cbf8deacb7053ce3e3fed64b277c6c6989e65bba, c59c65a14e8f7d738429648833f3bb3f9df0513f, 1e9ac114c4428fdb7ff4635b45d4f46017e8916f, 1e9ac114c4428fdb7ff4635b45d4f46017e8916f, 4.14.312, 4.19.280, 5.4.240, 5.10.177, 5.15.105, 6.1.22, 6.2.9unaffected
LinuxLinux6.3, 0, 4.14.315, 4.19.283, 5.4.243, 5.10.180, 5.15.111, 6.1.28, 6.2.15, 6.3.2, 6.4affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.