
4 matches found

CNVD
added 2026/05/11 12:0 a.m., 3 views

Linux kernel set_cig_params_sync function memory misreference vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A memory misreference vulnerability exists in the Linux kernel. The vulnerability stems from the set_cig_params_sync function in Bluetooth hci_conn not locking hci_conn, which can b...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00015
Exploits: 0

NVD
added 2026/05/01 3:16 p.m., 2 views

CVE-2026-43019

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup and field access must be covered by hdev lock in set_cig_params_sync, otherwise it's possible it is freed concurrently. Take hdev lock to prevent hci_conn from...

CVSS: 7.8 | EPSS: 0.00015
Exploits: 0 | References: 4

Cvelist
added 2026/05/01 2:15 p.m., 28 views

CVE-2026-43019 Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup and field access must be covered by hdev lock in set_cig_params_sync, otherwise it's possible it is freed concurrently. Take hdev lock to prevent hci_conn from...

CVSS: 7.8 | EPSS: 0.00015
Exploits: 0 | References: 4

CVE
added 2026/05/01 2:15 p.m., 8 views

CVE-2026-43019

The CVE-2026-43019 issue affects the Linux kernel Bluetooth HCI path, where hci_conn lookups and field access in set_cig_params_sync were not properly protected by the hdev lock, allowing a use-after-free when an hci_conn could be freed concurrently. The documented fix is to take the hdev lock to...

CVSS: 7.8 | AI score: 5.7 | EPSS: 0.00015
Exploits: 0 | References: 4 | Affected Software: 1