SUSE CVE-2026-9881

Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

Chromium: CVE-2026-9964 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Linux Distros Unpatched Vulnerability : CVE-2026-43322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hcileremoteconnparamreqevt function in Bluetooth hcievent not locking the hciconn, which could lead to...

SUSE-SU-2026:21339-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...

SUSE-SU-2026:21329-1 Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management...

SRK Powertech Pebble Prism Ultra 安全漏洞

The SRK Powertech Pebble Prism Ultra is a Bluetooth-enabled smartwatch produced by the Indian company SRK Powertech. Version 2.9.2 of the SRK Powertech Pebble Prism Ultra contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization mechanisms in th...

RHEL 8 : kernel (RHSA-2026:1512)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1512 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: e1000e: fix heap overflow in...

kernel: Bluetooth: hci_event: call disconnect callback before deleting conn

A flaw was found in the Linux kernel in which a callback is not called when a Bluetooth peripheral is disconnected. This flaw leads to a use-after-free, which an attacker could use to escalate their privileges, corrupt system memory, or otherwise cause a denial of service...

MiracleLinux 9 : kernel-5.14.0-284.18.1.el9_2 (AXSA:2023-6137:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6137:18 advisory. kernel: use-after-free vulnerability in the perfgroupdetach function of the Linux Kernel Performance Events CVE-2023-2235 kernel: netfilter:...

PT-2025-52995

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Bluetooth implementation within the hci conn component. Specifically, the hci connect sco and hci connect cis functions were returning NULL when a lin...

Linux Distros Unpatched Vulnerability : CVE-2025-40318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcisync: fix race in hcicmdsyncdequeueonce hcicmdsyncdequeueonce does lookup and then cancel the entry under two separate lock sections. Meanwhile,...

Siemens SIMATIC S7-1500 Use After Free (CVE-2023-40283)

An issue was discovered in l2capsockrelease in net/bluetooth/l2capsock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 kernel: Bluetooth: Fix potentia...

RHEL 8 : kernel-rt (RHSA-2025:17812)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17812 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

CVE-2024-45431

OpenSynergy BlueSDK (Blue SDK) before and including version 6.x contains an Improper Input Validation flaw in the Bluetooth stack: the remote L2CAP channel ID (CID) is not properly validated, allowing an L2CAP channel to be created with a null remote CID. This has been described in multiple sourc...

Linux Distros Unpatched Vulnerability : CVE-2021-33110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation for some IntelR Wireless BluetoothR products and KillerTM BluetoothR products in Windows 10 and 11 before version 22.80 may allow an...

PT-2025-27315 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment affected versions not specified Description: A specific flaw exists within the Bluetooth stack of the MIB3 infotainment, resulting from the lack of proper validation of user-supplied data. This can lead to an arbitrary chann...

SUSE-SU-2025:1454-1 Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: - CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. - CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstrainttosize...

Linux Distros Unpatched Vulnerability : CVE-2019-10207

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access...