153 matches found
CVE-2026-46135
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...
UBUNTU-CVE-2026-46135
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...
EUVD-2026-32762
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...
CVE-2026-46135
CVE-2026-46135 affects the Linux kernel nvmet-tcp (NVMe over TCP). A race between ICReq handling and target‑side queue teardown can transition queue state in a non‑serialized way, potentially allowing a second teardown path and a re‑entry after a disconnect, including a possible double free scena...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a stack-out-of-bounds read in l2capecredconnreq. Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd, which is triggered by a malformed Enhanced Credit Based Connection Request. The...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: In TCP handling, do not call reqskfastopenremove in tcpconnrequest. syzbot reported a segmentation fault in tcpconnrequest. 0 If a listener is closed while a TFO socket is being processed in tcpconnrequest, inetcskreqskqueueadd...
EUVD-2026-27694
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...
CVE-2026-43134
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...
CVE-2026-43134 Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...
CVE-2026-43134
The CVE-2026-43134 entry affects the Linux kernel Bluetooth stack. The root cause is a missing encryption key size check in the L2CAP_LE_CONN_REQ handling, which could permit a malformed L2CAP LE connection request and trigger a protocol violation. A patch was added to perform the key-size valida...
PT-2026-37474
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP LE CONN REQ This adds a check for encryption key size upon receiving L2CAP LE CONN REQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAP CR LE BAD KEY SIZE...
CVE-2026-31513 Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2capecredconnreq Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2026-31513
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of- bounds read in l2capecredconnreq Syzbot reported a KASAN...
PT-2026-34418
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap ecred conn req Syzbot reported a KASAN stack-out-of-bounds read in l2cap build cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerabili...
SUSE CVE-2026-23395
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
EUVD-2026-15398
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
CVE-2026-23395
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
UBUNTU-CVE-2026-23395
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
CVE-2026-23395
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
CVE-2026-23395
CVE-2026-23395 affects the Linux kernel Bluetooth L2CAP handling of ECRED connection requests. The issue stems from accepting multiple L2CAP_ECRED_CONN_REQs regardless of the command identifier, which can cause multiple requests to be marked pending (FLAG_DEFER_SETUP) and may lead to allocating m...