61 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control...
SUSE CVE-2026-53253
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
CVE-2026-53253
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
CVE-2026-53253
CVE-2026-53253 affects the Linux kernel Bluetooth BNEP stack. The vulnerability arises when a BNEP peer sends a short SDU and the kernel bnep_rx_frame() reads the packet type, then bnep_rx_control() dereferences the control opcode or setup UUID-size byte before ensuring those bytes are present. T...
CVE-2026-53253 Bluetooth: bnep: reject short frames before parsing
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
EUVD-2026-39204
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
PT-2026-52348
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth BNEP implementation where a peer can send a short BNEP Service Discovery Unit SDU. The function bnep rx frame reads the packet type byte and, for control...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005192)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005192 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in protounregister There's issue as follows: KASAN: maybe...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001202)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001202 advisory. The bnepaddconnection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local use...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003207)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003207 advisory. The bnepaddconnection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local use...
CVE-2025-22406
In bnepuchecksendpacket of bneputils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-22406
In bnepuchecksendpacket of bneputils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a memory misreference vulnerability that stems from a mix-up in the bneputils.cc instruction bnepuchecksendpacket responsible for freeing memory, which can be exploited by an attacker to elevate...
PT-2025-11069 · Google · Android
Name of the Vulnerable Software and Affected Versions: bnepu affected versions not specified Description: A use-after-free issue exists in the bnepu check send packet function within bnep utils.cc. This could lead to local escalation of privilege without requiring additional execution privileges ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: bnep: fixed wild-memory-access in protounregister The issues are as follows: KASAN: possible wild-memory-access within the range 0xdead...108-0xdead...10f CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP:...
SUSE CVE-2024-50148
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in protounregister There's issue as follows: KASAN: maybe wild-memory-access in range 0xdead...108-0xdead...10f CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP:...
CVE-2024-50148
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in protounregister There's issue as follows: KASAN: maybe wild-memory-access in range 0xdead...108-0xdead...10f CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP:...
AZL-53316 CVE-2024-50148 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in protounregister There's issue as follows: KASAN: maybe wild-memory-access in range 0xdead...108-0xdead...10f CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP:...
DEBIAN-CVE-2024-50148
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in protounregister There's issue as follows: KASAN: maybe wild-memory-access in range 0xdead...108-0xdead...10f CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP:...
AZL-53271 CVE-2024-50148 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in protounregister There's issue as follows: KASAN: maybe wild-memory-access in range 0xdead...108-0xdead...10f CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP:...