12 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcievent: fix potential UAF in SSP passkey handlers hciconn lookup and field access must be covered by hdev lock in hciuserpasskeynotifyevt and...
CVE-2026-43018
The CVE-2026-43018 entry is confirmed: a Use-After-Free in Linux kernel Bluetooth HCI event handling (hci_le_remote_conn_param_req_evt) due to insufficient locking during hci_conn lookup/access. The vulnerability arises from hci_conn lookup and field access not always being protected by the hdev ...
EUVD-2026-26617
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in hcileremoteconnparamreqevt hciconn lookup and field access must be covered by hdev lock in hcileremoteconnparamreqevt, otherwise it's possible it is freed concurrently. Extend the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of boundary checking of short frames in Bluetooth HCI event handling, which could lead to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005525)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005525 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix handling of HCIEVIOCAPAREQUEST If we received HCIEVIOCAPAREQUEST while...
Bluetooth RFCOMM 1.1 Signal-Triggered Air-Gap Interaction
This project demonstrates how Flipper Zero can be used to interact with devices in an Air-Gap context using Bluetooth RFCOMM signals. The system monitors RSSI signal strength and uses statistical peak detection Z-Score analysis to identify significant signal spikes from target devices. When a pea...
SUSE-SU-2025:4149-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc124985...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly locking hdev to handle HCIEVNUMCOMPPKTS events, which could lead to reuse after release...
SUSE-SU-2025:02850-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2023-52927: netfilter: allow exp not to be removed in...
Linux Distros Unpatched Vulnerability : CVE-2024-27416
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix handling of HCIEVIOCAPAREQUEST If we received HCIEVIOCAPAREQUEST...
SUSE CVE-2024-56654
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix using rcureadunlock while iterating The usage of rcureadunlock while inside listforeachentryrcu is not safe since for the most part entries fetched this way shall be treated as rcudereference: Note that t...
The vulnerability of the hci_le_big_sync_established_evt() function in the Linux operating system’s Bluetooth kernel implementation allows a attacker to cause a service failure.
The vulnerability of the hcilebigsyncestablishedevt function in the net/bluetooth/hcievent.c module of the Linux operating system’s Bluetooth kernel implementation is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...