Lucene search
K

239 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 1:7 a.m.6 views

CVE-2026-53255

A flaw was found in the Linux kernel's Bluetooth Management MGMT component. A remote attacker could exploit this by providing specially crafted advertising data, leading to an out-of-bounds read vulnerability. This occurs because the system incorrectly validates the length of advertising data...

5.5CVSS5.9AI score0.00172EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.11 views

CVE-2026-53255

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate advertising TLV before type checks tlvdataisvalid reads each advertising data field length from datai, then inspects datai + 1 for managed EIR types before checking that the current field still fits insi...

0.00172EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39206

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate advertising TLV before type checks tlvdataisvalid reads each advertising data field length from datai, then inspects datai + 1 for managed EIR types before checking that the current field still fits insi...

6AI score0.00172EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53255

CVE-2026-53255 (Linux kernel Bluetooth MGMT TLV parsing) : The vulnerability arises in tlv_data_is_valid() where the advertising data field length is read from data[i] and the parser inspects data[i+1] for EIR types before confirming the field fits in the buffer. A malformed field whose length by...

6AI score0.00172EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fixed out-of-band OOB access during the parseadvmonitorpattern function execution. In the parseadvmonitorpattern function, the value of the length variable is currently limited to HCIMAXEXTADLENGTH251. The size o...

5.8AI score0.00168EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: rejecting malformed HCICMDSYNC commands In mgmthcicmdsync, check whether the size of the parameters passed in struct mgmtcphcicmdsync matches the total size of the data i.e., sizeofstruct mgmtcphcicmdsync plus th...

5.5CVSS6.3AI score0.00138EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fixed a dangling pointer in mgmtaddadvpatternsmonitorcomplete. This fix addresses the issue where, whenever status != -ECANCELED, mgmtpendingvalid was executed; otherwise, mgmtpendingfreecmd would free the memory...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: validate the length of the advertising payload sent via meshsend The meshsend function currently limits the MGMTOPMESHSEND operation based on the total command length. However, it does not verify whether the...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed possible UAFs This attempt addresses possible UAFs caused by the struct mgmtpending being freed while it is still being processed. To fix this issue, mgmtpendingvalid was introduced and used to check...

5.8AI score0.00183EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed a possible crash when calling mgmtindexremoved. If mgmtindexremoved is called while there are commands queued for cmdsync, it could lead to crashes, as shown in the following trace: 0x0000053D:...

5.5CVSS6.5AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed a memory leak in setsspcomplete. The memory leak was fixed in setsspcomplete, where the mgmtpendingcmd structures are not freed after they are removed from the pending list. Commit 302a1f674c00 “Bluetoot...

5.5CVSS6AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 12:4 p.m.23 views

RLSA-2026:21557 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: j1939sessionnew: fix skb reference counting CVE-2024-56645 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: mm: thp: deny...

7.5CVSS7.1AI score0.00514EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.11 views

RockyLinux 8 : kernel-rt (RLSA-2026:21745)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS6AI score0.00514EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.20 views

RHEL 8 : kernel (RHSA-2026:21706)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21706 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible...

9.4CVSS6.5AI score0.00514EPSS
Exploits0References38
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.17 views

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

7.8CVSS6AI score0.00129EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.19 views

kernel: Bluetooth: MGMT: Fix possible UAFs

A flaw was found in the Linux kernel’s Bluetooth management subsystem net/bluetooth/mgmt.c. The mgmtpending structure may be freed while still being processed, or remain on the pending command list, which allows a use-after-free or double-free scenario. An attacker with local access to the system...

5.8AI score0.00183EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.25 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS6.6AI score0.00675EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2026/05/28 8:47 a.m.10 views

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

7.8CVSS6AI score0.00129EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 8:47 a.m.12 views

kernel: Bluetooth: MGMT: Fix possible UAFs

A flaw was found in the Linux kernel’s Bluetooth management subsystem net/bluetooth/mgmt.c. The mgmtpending structure may be freed while still being processed, or remain on the pending command list, which allows a use-after-free or double-free scenario. An attacker with local access to the system...

5.8AI score0.00183EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 8:47 a.m.22 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.5AI score0.00675EPSS
Exploits0References19
Rows per page
Query Builder