Linux Distros Unpatched Vulnerability : CVE-2026-43119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fixed the issue where no check was performed on the length of skb in hciacldatapacket. This fix ensures that it actually checks whether skb truly contains an ACL header; otherwise, the code may attempt to acce...

CVE-2022-31462

Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password derived from the serial number that can be found in Bluetooth broadcast data...

ROS-20251125-01

A vulnerability in the cross-platform software development framework Qt is related to a bug in the data boundary checking when reading data from Bluetooth L2CAP socket in processUnsolicitedReply and processReply in bluetooth/qlowenergycontrollerbluez.cpp. Exploitation of the vulnerability could...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989864)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989864 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at t...

EUVD-2025-31182

Malicious code in bioql PyPI...

CVE-2021-39805

In l2cbleprocesssigcmd of l2cble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

DEBIAN-CVE-2022-49909

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel When l2caprecvframe is invoked to receive data, and the cid is L2CAPCIDA2MP, if the channel does not exist, it will create a channel. However, after a channel is created, the...

CVE-2023-21202

In btmdeletestoredlinkkeycomplete of btmdevctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

CVE-2022-33734

Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission...

CVE-2022-33733

Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices Charm versions prior to 1.2.3, which originates from the disclosure of sensitive information ...

PT-2022-21851 · Samsung · Charm

Name of the Vulnerable Software and Affected Versions: Charm by Samsung versions prior to 1.2.3 Description: The issue allows an attacker to obtain Bluetooth connection information without permission due to sensitive information exposure in the onCharacteristicChanged function. Recommendations: F...

CVE-2022-31462

Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password derived from the serial number that can be found in Bluetooth broadcast data...

CVE-2021-25472

An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information...

CVE-2021-25453

Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information...

CVE-2021-25430

Improper access control vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application...

CVE-2021-0475

In onl2capdataind of btifsockl2cap.cc, there is possible memory corruption due to a use after free. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

Samsung Gear S2 安全漏洞

Samsung Gear S2 is a smartwatch from Samsung South Korea. A security vulnerability exists in the Gear S Plugin version 2.2.05.20122441, which allows untrusted applications to access information about connected BT devices...

Multiple Qualcomm Products Input Validation Error Vulnerability

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way to miniaturize circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. An input validation error vulnerability exists in...