Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987175)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987175 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel When l2caprecvframe is invoked to receive...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414583 advisory. A use-after-free in function hcisockboundioctl of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986555)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986555 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: cancel all works upon hciunregisterdev syzbot is reporting that calling...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986698 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986337)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986337 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: mask bus reset interrupts between ISR and bottom half In the FireWire OHCI...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987359 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hcisendacl This fixes the following trace caused by receiving...

EUVD-2022-55505

Malicious code in bioql PyPI...

EUVD-2022-55623

Malicious code in bioql PyPI...

EUVD-2025-31884

Malicious code in bioql PyPI...

AZL-75246 CVE-2023-53520 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

UBUNTU-CVE-2023-53520

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

CVE-2023-53520

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

CVE-2023-53520

CVE-2023-53520 relates to the Linux kernel Bluetooth subsystem. A race can occur when an hci_dev object is freed by hci_unregister_dev() while hci_suspend_notifier may still access it, potentially causing a crash (as shown by the call trace in hci_suspend_sync). The patch fixes this by holding a ...

Bluetooth: hci_event: Ignore multiple conn complete events

...

UBUNTU-CVE-2025-39889

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Check encryption key size on incoming connection This is required for passing GAP/SEC/SEM/BI-04-C PTS test case: Security Mode 4 Level 4, Responder - Invalid Encryption Key Size - 128 bit This tests the security...

CVE-2022-50419

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times deviceadd shall not be called multiple times as stated in its documentation: 'Do not call this routine or deviceregister more than once for any device structure...

SUSE CVE-2022-50339

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hcidevtestandsetflag in mgmtinithdev syzbot is again reporting attempt to cancel uninitialized work at mgmtindexremoved 1, for setting of HCIMGMT flag from mgmtinithdev from hcimgmtcmd from hcisocksendmsg can rac...

PT-2025-38008

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to Bluetooth functionality. Specifically, a race condition can occur within the mgmt init hdev function due to the lack of serialization via hc...

Linux Distros Unpatched Vulnerability : CVE-2023-53252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hciconnparams and iterate safely in hcisync hciupdateacceptlistsync...

SUSE CVE-2023-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hciconnparams and iterate safely in hcisync hciupdateacceptlistsync iterates over hdev-pendleconns and hdev-pendlereports, and waits for controller events in the loop body, without holding hdev lock...