CVE-2023-54120 | Bluetooth: Fix race condition in hidp_session_thread

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidp_session_thread There is a potential race condition in hidp_session_thread that may lead to use-after-free. For instance, the timer is active while hidp_del_timer is called in hidp_session_thread(). After hidp_session_put, then 'session' will be freed, causing kernel panic when hidp_idle_timeout is running. The solution is to use del_timer_sync instead of del_timer. Here is the call trace: ? hidp_session_probe+0x780/0x780 call_timer_fn+0x2d/0x1e0 __run_timers.part.0+0x569/0x940 hidp_session_probe+0x780/0x780 call_timer_fn+0x1e0/0x1e0 ktime_get+0x5c/0xf0 lapic_next_deadline+0x2c/0x40 clockevents_program_event+0x205/0x320 run_timer_softirq+0xa9/0x1b0 __do_softirq+0x1b9/0x641 __irq_exit_rcu+0xdc/0x190 irq_exit_rcu+0xe/0x20 sysvec_apic_timer_interrupt+0xa1/0xc0

Published: 2025-12-24 Last update: 2026-04-15 Assigner: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

NVD Status：Deferred，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2023-54120 is rated Low Risk (6/100): low exploitation likelihood (EPSS 0.02%). Mandatory action: Low composite risk—no urgent action required; patch on your normal maintenance cycle and revisit priority if CVSS or EPSS increases.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2023-54120

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-12-25	—	0.02%	—

Full EPSS history (1 record total)

Common vulnerability scoring system (CVSS) metrics for CVE-2023-54120

CVSS metrics for this CVE.

No CVSS data in dataset for this CVE.

Weakness enumeration for CVE-2023-54120

OS Trackers for CVE-2023-54120

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2023-54120 not yet assigned priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2023-54120
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2023-54120
`suse`	medium	—	https://www.suse.com/security/cve/CVE-2023-54120/
`ubuntu`	medium	CVE-2023-54120 medium priority: Ubuntu including 157 source packages (linux, linux-allwinner-5.19, …), 1405 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1010, ignored 177, released 133, not-affected 64, needed 20, needs-triage 1.	https://ubuntu.com/security/CVE-2023-54120

Affected software / configurations for CVE-2023-54120

Vendor	Product	Version	Raw CPE
No affected products in dataset.

References for CVE-2023-54120

URL	Tags
https://git.kernel.org/stable/c/0efb276d5848a3accc37c6f41b85e442c4768169
https://git.kernel.org/stable/c/152f47bd6b995e0e98c85672f6d19894bc287ef2
https://git.kernel.org/stable/c/248af9feca062a4ca9c3f2ccf67056c8a5eb817f
https://git.kernel.org/stable/c/5f3d214d19899183d4e0cce7552998262112e4ab
https://git.kernel.org/stable/c/8a99e6200c38b78a45dcd12a6bdc43fdf4dc36be
https://git.kernel.org/stable/c/c95930abd687fcd1aa040dc4fe90dff947916460
https://git.kernel.org/stable/c/f6719fd8f409fa1da8dc956e93822d25e1e8b360
https://git.kernel.org/stable/c/f7ec5ca433ceead8d9d78fd2febff094f289441d

cvelogic Threat Intelligence