Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fixed a nullptrderef issue in rfcommchecksecurity. During our fuzz testing of the connection and disconnection processes at the RFCOMM layer, we discovered this bug. By comparing the packets generated during a...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In hcievent, there is a callback for call disconnect that is called before the connection is deleted. In hcicsdisconnect, we call hciconndel even if the disconnection fails. ISO, L2CAP, and SCO connections refer to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fixed a null pointer dereference in btintelreadversion. If hcicmdsyncComplete is triggered and skb is NULL, then hdev-reqskb will also be NULL, which will cause this issue...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fixed UAF in hciconntxdequeue This fixed the following UAF that occurred due to improper locking of hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: Slab-use-after-free in hciconntxdequeue+0x1be/0x220...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: Fixed a UAF in lereadfeaturescomplete. This fix addresses the issue where the hciconn variable was freed before lereadfeaturescomplete, but after hcilereadremotefeaturessync. As a result, hciconndel -...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1, Linux-5.10

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections support pairing in Bluetooth Core Specification 4.2 through 5.4. However, these devices are vulnerable to certain man-in-the-middle attacks, which force the use of a short key length. This vulnerability may lead to the...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in l2capsockrelease in net/bluetooth/l2capsock.c in the Linux kernel before version 6.4.10. There is a use-after-free issue, as the children of a sk object are handled incorrectly...

CVE-2026-52866 Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT Missing Authorization

An attacker within BLE communication range can monopolize the device's only available BLE connection slot, preventing legitimate users or applications from establishing a connection...

Chromium: CVE-2026-11699 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11633 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

About the security content of Beats Firmware Update 1B211

About the security content of Beats Firmware Update 1B211 This document describes the security content of Beats Firmware Update 1B211. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

CVE-2026-12222 Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

EUVD-2026-35225

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EUVD-2026-35241

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11633

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...

Zephyr 缓冲区错误漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. Zephyr has a buffer error vulnerability, which stems from a 2-byte out-of-bounds write during the L2CAP LE CoC SDU recombination process by the Bluetooth host. This vulnerability may cause remote,...

CVE-2026-11699

CVE-2026-11699 : Use-after-free in Bluetooth in Google Chrome on macOS before 149.0.7827.103. This allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. Impact: high. Remediation: upgrade to Chrome 149.0.7827.103 or later (as referenced by the Chrome release not...

CVE-2026-11698

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11698

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11698

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...