1504 matches found

CVE
added 2 days ago, 9 views

CVE-2026-9263

The CVE-2026-9263 issue affects Zephyr’s Bluetooth controller ISO Adaptation Layer (ISOAL). It stems from insufficient validation of framed ISO PDU start segments: start segments with sc=0 are required to have a len of at least 3 (PDU_ISO_SEG_TIMEOFFSET_SIZE), but isoal_check_seg_header() accepte...

CVSS 6.5, AI score 6, EPSS 0.00172
Exploits: 0, References: 2

RedhatCVE
added 6 days ago, 6 views

CVE-2026-53209

A flaw was found in the Bluetooth subsystem of the Linux kernel, specifically within the hci_sync component. This vulnerability occurs when the hci_adv_bcast_annoucement function attempts to prepend Broadcast Announcement service data to an existing advertising payload that is already at its maximum...

CVSS 7.8, AI score 5.8, EPSS 0.00138
Exploits: 0, References: 4

Tenable Nessus
added 6 days ago, 8 views

Oracle Linux 9 : kernel (ELSA-2026-27789)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

CVSS 9.8, AI score 7.2, EPSS 0.00563
Exploits: 13, References: 18

RedhatCVE
added 2026/06/25 11:24 p.m., 8 views

CVE-2026-53072

A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hci_conn_request_evt function, particularly when the HCI_PROTO_DEFER protocol is active, can result in a Use-After-Free (UAF) vulnerability. This condition arises when a connection object is accessed afte...

CVSS 8.8, AI score 6, EPSS 0.00247
Exploits: 0, References: 4

RedhatCVE
added 2026/06/25 6:2 p.m., 5 views

CVE-2026-53073

A flaw was found in the Linux kernel's Bluetooth Host Controller Interface (HCI) Universal Asynchronous Receiver/Transmitter (UART) driver. When the hci_register_dev function fails, a flag indicating protocol initialization is not properly cleared. This oversight allows incoming UART data to be process...

CVSS 7, AI score 5.7, EPSS 0.00172
Exploits: 0, References: 4

NVD
added 2026/06/25 9:16 a.m., 10 views

CVE-2026-53276

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer In iso_sock_rebind_bc, the bis pointer is cached, then the socket lock is dropped: bis = iso_pi(sk)->conn->hcon; /* Release the socket before lookups since that requires hci_dev_lo...

CVSS 7.8, EPSS 0.0012
Exploits: 0, References: 2

NVD
added 2026/06/25 9:16 a.m., 8 views

CVE-2026-53251

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync hci_get_route returns a reference-counted hci_dev pointer via hci_dev_hold. The function exits normally or with an error without ever releasing it...

EPSS 0.00175
Exploits: 0, References: 4

NVD
added 2026/06/25 9:16 a.m., 10 views

CVE-2026-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hci_alloc_dev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hci_register_dev completes, the HCI_UNREGISTER flag is never...

EPSS 0.00189
Exploits: 0, References: 7

NVD
added 2026/06/25 9:16 a.m., 5 views

CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement prepends the Broadcast Announcement service...

CVSS 7.8, EPSS 0.00138
Exploits: 0, References: 6

OSV
added 2026/06/25 9:16 a.m., 2 views

UBUNTU-CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement prepends the Broadcast Announcement service...

CVSS 7.8, AI score 5.9, EPSS 0.00138
Exploits: 0, References: 9

OSV
added 2026/06/25 9:16 a.m., 2 views

UBUNTU-CVE-2026-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hci_alloc_dev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hci_register_dev completes, the HCI_UNREGISTER flag is never...

CVSS 6.7, AI score 5.7, EPSS 0.00189
Exploits: 0, References: 10

Debian CVE
added 2026/06/25 8:39 a.m., 5 views

CVE-2026-53276

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer In iso_sock_rebind_bc, the bis pointer is cached, then the socket lock is dropped: bis = iso_pi(sk)->conn->hcon; /* Release the socket before lookups since that requires hci_dev_lo...

CVSS 7.8, AI score 5.6, EPSS 0.0012
Exploits: 0

CVE
added 2026/06/25 8:39 a.m., 18 views

CVE-2026-53276

The CVE-2026-53276 entry concerns the Linux kernel Bluetooth ISO stack. A use-after-free occurs in iso_sock_rebind_bc where the bis pointer is cached and the socket lock is released before traversals, allowing a concurrent close() to free the hci_conn and its bis structure. The code then accesses...

CVSS 7.8, AI score 5.7, EPSS 0.0012
Exploits: 0, References: 2

Cvelist
added 2026/06/25 8:39 a.m., 30 views

CVE-2026-53276 Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer In iso_sock_rebind_bc, the bis pointer is cached, then the socket lock is dropped: bis = iso_pi(sk)->conn->hcon; /* Release the socket before lookups since that requires hci_dev_lo...

CVSS 7.8, EPSS 0.0012
Exploits: 0, References: 2

CVE
added 2026/06/25 8:39 a.m., 10 views

CVE-2026-53252

CVE-2026-53252 (Linux kernel Bluetooth): The vulnerability is a memory leak in the early error path of Bluetooth HCI device allocation (hci_alloc_dev). If initialization fails before hci_register_dev(), the HCI_UNREGISTER flag isn’t set, causing bt_host_release() to skip proper cleanup of the SRC...

AI score 5.7, EPSS 0.00189
Exploits: 0, References: 7

EUVD
added 2026/06/25 8:39 a.m., 5 views

EUVD-2026-39203

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hci_alloc_dev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hci_register_dev completes, the HCI_UNREGISTER flag is never...

AI score 5.7, EPSS 0.00189
Exploits: 0, References: 7

Debian CVE
added 2026/06/25 8:39 a.m., 4 views

CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement prepends the Broadcast Announcement service...

CVSS 7.8, AI score 5.8, EPSS 0.00138
Exploits: 0

Tenable Nessus
added 2026/06/25 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: fix locking in hci_conn_request_evt with HCI_PROTO_DEFER When protocol sets HCI_PROTO_DEFER, hci_conn_request_evt calls hci_connect_cfm(conn) without hdev->lock...

CVSS 8.8, AI score 5.9, EPSS 0.00247
Exploits: 0, References: 4

Tenable Nessus
added 2026/06/25 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error When hci_register_dev fails in hci_uart_register_dev HCI_UART_PROTO_INIT is not cleared before calling...

AI score 5.8, EPSS 0.00172
Exploits: 0, References: 4

Tenable Nessus
added 2026/06/25 12:0 a.m., 10 views

RockyLinux 9 : kernel (RLSA-2026:27789)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27789 advisory. kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in __inet_lookup_established...

CVSS 9.8, AI score 7.1, EPSS 0.004
Exploits: 9, References: 35