CVE-2026-0045

CVE-2026-0045 concerns a logic error in the Bluetooth stack: in bta_jv_rfcomm_connect of bta_jv_act.cc , there is a possible bypass of bonding for a secure connection. This could allow local escalation of privilege with no additional execution privileges needed, and requires no user interaction t...

UBUNTU-CVE-2026-46140

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

CVE-2026-46140

The CVE affects Linux kernel Bluetooth btmtk code. btmtk_usb_hci_wmt_sync() casts WMT event response SKB data to btmtk_hci_wmt_evt (7 bytes) and btmtk_hci_wmt_evt_funcc (9 bytes) without verifying that the SKB contains enough data, causing out-of-bounds reads from SKB tailroom when a short firmwa...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with the WMT event length verification in the btmtk module. This vulnerability may lead ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of clamping on the rx length in the Bluetooth virtiobt module. This vulnerability may le...

Astra Linux - уязвимость в linux

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in orde...

Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock

...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001457)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001457 advisory. Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected...

PT-2026-2908

Name of the Vulnerable Software and Affected Versions AIRTH SMART HOME AQI MONITOR Bootloader version 1.005 Description An issue allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller Wi-Fi and BLE module on the device. The UART port is...

ROS-20260112-7345

A vulnerability in the l2capsockrecvcb function in the net/bluetooth/l2capsock.c module of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...

EUVD-2021-27203

Malware in sbrugna...

EUVD-2021-27192

Malware in sbrugna...

EUVD-2021-27206

Malware in sbrugna...

EUVD-2022-50993

Malicious code in bioql PyPI...

EUVD-2023-48462

Malicious code in bioql PyPI...

EUVD-2023-58745

Malicious code in bioql PyPI...

EUVD-2023-48460

Malicious code in bioql PyPI...

EUVD-2023-48459

Malicious code in bioql PyPI...

EUVD-2022-50992

Malicious code in bioql PyPI...

EUVD-2022-51014

Malicious code in bioql PyPI...