CVE-2026-45835

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol component. A missing null pointer check in the l2capsocknewconnectioncb function could allow a remote attacker to trigger a null-pointer dereference. This vulnerability can lead to a system crash,...

SUSE CVE-2026-45836

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

CVE-2026-45835

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

CVE-2026-45834

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

CVE-2026-45835

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

CVE-2026-45835

In the Linux kernel, the Bluetooth L2CAP subsystem was vulnerable to a null-pointer dereference in l2cap_sock_new_connection_cb(). The issue was mitigated by adding the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_sock_ready_cb(), aligning the code with existing guards. Aff...

CVE-2026-45835 Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

EUVD-2026-31857

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

EUVD-2026-31856

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

PT-2026-43303

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap sock new connection cb Add the same NULL guard already present in l2cap sock resume cb and l2cap sock ready cb...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of null pointer checking in the l2capsockstatechangecb function within the Bluetooth L2CAP...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of null pointer checking in the l2capsocknewconnectioncb function within the Bluetooth L2CAP...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP – Fixed a potential issue after the “user-after-free” operation. This fix addresses all cases where allocating a buffer using allocskb might release the “chan lock”, and reacquiring it later could result in the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recvcb and release The issue occurs between the system call to close the socket and the hcirxwork function. In this process, the former releases the socket, while the latter accesses it without proper...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed an issue where user input was not validated. The length of user input was checked before data was copied...

Astra Linux - уязвимость в linux-5.10, linux

A issue was discovered in the Linux kernel through version 6.0.10. In the l2capconfigreq function within net/bluetooth/l2capcore.c, there is an integer wraparound occurring when processing L2CAPCONFREQ packets...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed a issue where user input was not validated using setsockopt. The length of user input was checked before data was copied...

CVE-2026-43062

A flaw was found in the Linux kernel's Bluetooth L2CAP component. A type confusion vulnerability exists in the l2capecredreconfrsp function, where incoming data is incorrectly cast. This can lead to valid L2CAPECREDRECONFRSP packets being rejected and incorrect data being processed, potentially...

CVE-2026-43134 Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...

CVE-2026-43119

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...