Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a deadlock in l2capconndel. The l2capconndel function calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the functions l2capinfotimeout and...

EUVD-2026-24875

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the work functions l2capinfotimeout and l2capconnupdateidaddr both acqui...

CVE-2026-31498

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...

UBUNTU-CVE-2026-23461

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2capunregisteruser After commit ab4eedb790ca "Bluetooth: L2CAP: Fix corrupted list in hcichandel", l2capconndel uses conn-lock to protect access to conn-users. However, l2capregisteruser a...

CVE-2026-28526 BlueKitchen BTstack < 1.8.1 AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_* Handlers OOB Read

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LISTPLAYERAPPLICATIONSETTINGATTRIBUTES and LISTPLAYERAPPLICATIONSETTINGVALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired Bluetooth...

CVE-2025-32061 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVE-2025-32059 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service

A flaw was found in the Linux kernel's Common Internet File System CIFS component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: Bluetooth: L2CAP: Fix user-after-free

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986535)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986535 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix u8 overflow By keep sending L2CAPCONFREQ packets, chan-numconfrsp increases...

EUVD-2023-59892

Malicious code in bioql PyPI...

CVE-2022-50386

CVE-2022-50386 is a Linux kernel Bluetooth L2CAP use‑after‑free vulnerability. The fix adds a guard by calling l2cap_chan_hold_unless_zero() after __l2cap_get_chan_blah() to prevent a use‑after‑free in l2cap_chan_destroy. Affected: Linux kernel Bluetooth L2CAP path; impact per sources is high (CV...

CVE-2024-45431

OpenSynergy BlueSDK aka Blue SDK through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of remote L2CAP channel ID CID. An attacker can leverage this to create an L2CAP channel with the null...

CVE-2024-45431

OpenSynergy BlueSDK aka Blue SDK through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of remote L2CAP channel ID CID. An attacker can leverage this to create an L2CAP channel with the null...

Linux Distros Unpatched Vulnerability : CVE-2025-38473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: Fix null-ptr-deref in l2capsockresumecb syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar problem that was fixed...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-50124: Bluetooth: ISO: Fix UAF on isosocktimeout bsc1232927 CVE-2024-50127: net: sched: fix use-after-free in tapriochange bsc1232908 CVE-2024-50125: Bluetooth: SCO: Fix UAF on scosocktimeout bsc1232929...

SUSE-SU-2025:20434-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4

This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 - CVE-2024-56582: btrfs: fix use-after-free in btrfsencodedreadendio bsc1235129 - CVE-2024-56605: Bluetooth: L2CAP: do not leav...

CVE-2025-5820

Sony XAV-AX8500 Bluetooth ERTM Channel Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected Sony XAV-AX8500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVE-2023-26979

Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the stimulator by hijacking the BLE communication...