CVE-2026-31513 Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req

🗓️ 22 Apr 2026 13:54:30Reported by LinuxType

Linux kernel Bluetooth L2CAP fix stack out-of-bounds read in l2cap_ecred_conn_req caused by unchecked source channel ids.

Reporter	Title	Published	Views	Family All 15
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	19 Jun 202611:10	–	astralinux
CNNVD	Linux kernel 安全漏洞	22 Apr 202600:00	–	cnnvd
CVE	CVE-2026-31513	22 Apr 202613:54	–	cve
Debian CVE	CVE-2026-31513	22 Apr 202613:54	–	debiancve
EUVD	EUVD-2026-24897	22 Apr 202615:31	–	euvd
NVD	CVE-2026-31513	22 Apr 202614:16	–	nvd
Tenable Nessus	Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50293)	4 Jun 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-31513	22 Apr 202600:00	–	nessus
OSV	BELL-CVE-2026-31513	23 Apr 202606:09	–	osv
OSV	DEBIAN-CVE-2026-31513	22 Apr 202614:16	–	osv

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bluetooth/l2cap_core.c"
    ],
    "versions": [
      {
        "version": "935f324e4b2461df2cf7f02b4195082b4304c708",
        "lessThan": "c8e1a27edb8b4e5afb56b384acd7b6c2dec1b7cc",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "e981a9392800ce2c5bca196a6ab2c55e9370efaa",
        "lessThan": "5b35f8211a913cfe7ab9d54fa36a272d2059a588",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f3fdf2e7276a3edc5df55454275da20eac186970",
        "lessThan": "a3d9c50d69785ae02e153f000da1b5fd6dbfdf1b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c28d2bff70444a85b3b86aaf241ece9408c7858c",
        "lessThan": "9d87cb22195b2c67405f5485d525190747ad5493",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bluetooth/l2cap_core.c"
    ],
    "versions": [
      {
        "version": "6.12.75",
        "lessThan": "6.12.80",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "6.18.16",
        "lessThan": "6.18.21",
        "status": "affected",
        "versionType": "semver"
      },
      {
        "version": "6.19.6",
        "lessThan": "6.19.11",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/c8e1a27edb8b4e5afb56b384acd7b6c2dec1b7cc
git	www.git.kernel.org/stable/c/a3d9c50d69785ae02e153f000da1b5fd6dbfdf1b
git	www.git.kernel.org/stable/c/5b35f8211a913cfe7ab9d54fa36a272d2059a588
git	www.git.kernel.org/stable/c/9d87cb22195b2c67405f5485d525190747ad5493

11 May 2026 22:10Current

CVSS 3.18.1

EPSS0.00252