In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp

conn->chan_lock isn't acquired before l2cap_get_chan_by_scid,
if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance'
is triggered.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/116b9c002c894097adc2b8684db2d1da4229ed46 cve-icon
https://git.kernel.org/stable/c/2112c4c47d36bc5aba3ddeb9afedce6ae6a67e7d cve-icon
https://git.kernel.org/stable/c/25e97f7b1866e6b8503be349eeea44bb52d661ce cve-icon
https://git.kernel.org/stable/c/5134556c9be582793f30695c09d18a26fe1ff2d7 cve-icon
https://git.kernel.org/stable/c/55410a9144c76ecda126e6cdec556dfcd8f343b2 cve-icon
https://git.kernel.org/stable/c/5f352a56f0e607e6ff539cbf12156bfd8af232be cve-icon
https://git.kernel.org/stable/c/6a27762340ad08643de3bc17fe1646ea489ca2e2 cve-icon
https://git.kernel.org/stable/c/fd269a0435f8e9943b7a57c5a59688848d42d449 cve-icon
History

Tue, 16 Sep 2025 08:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, if l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance' is triggered.
Title Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2025-09-16T08:11:29.283Z

Reserved: 2025-09-16T08:09:37.993Z

Link: CVE-2023-53297

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.