Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: l2cap: Add missing chan lock in l2capecredreconfrsp l2capecredreconfrsp calls l2capchandel without holding l2capchanlock. Every other l2capchandel...

8.8CVSS6AI score0.00266EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53071

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2capecredreconfrsp l2capecredreconfrsp calls l2capchandel without holding l2capchanlock. Every other l2capchandel caller in the file acquires the lock first. A remote BLE device can sen...

8.8CVSS0.00266EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51965

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Bluetooth Logical Link Control and Adaptation Protocol L2CAP implementation. A remote Bluetooth Low Energy BLE device can trigger the issue by sending a specially...

9.8CVSS5.8AI score0.0049EPSS
Exploits5References401
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.9 views

SUSE CVE-2026-43062

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix type confusion in l2capecredreconfrsp l2capecredreconfrsp casts the incoming data to struct l2capecredconnrsp the ECRED connection response, 8 bytes with result at offset 6 instead of struct...

5.8AI score0.00215EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/05 6:33 p.m.19 views

EUVD-2026-27358

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix type confusion in l2capecredreconfrsp l2capecredreconfrsp casts the incoming data to struct l2capecredconnrsp the ECRED connection response, 8 bytes with result at offset 6 instead of struct...

5.8AI score0.00215EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/05 3:17 p.m.64 views

CVE-2026-43062 Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix type confusion in l2capecredreconfrsp l2capecredreconfrsp casts the incoming data to struct l2capecredconnrsp the ECRED connection response, 8 bytes with result at offset 6 instead of struct...

7.1CVSS0.00215EPSS
Exploits0References8
CVE
CVE
added 2026/05/05 3:17 p.m.30 views

CVE-2026-43062

CVE-2026-43062 concerns the Linux kernel Bluetooth L2CAP path, where l2cap_ecred_reconf_rsp() incorrectly casts incoming data to struct l2cap_ecred_conn_rsp instead of struct l2cap_ecred_reconf_rsp. This type confusion causes: (1) the length check to require 8 bytes instead of 2, rejecting valid ...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/05/05 3:17 p.m.3 views

CVE-2026-43062 Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix type confusion in l2capecredreconfrsp l2capecredreconfrsp casts the incoming data to struct l2capecredconnrsp the ECRED connection response, 8 bytes with result at offset 6 instead of struct...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.9 views

PT-2026-37065

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A type confusion issue exists in the Bluetooth L2CAP component within the l2cap ecred reconf rsp function. The function incorrectly casts incoming data to struct l2cap ecred conn rsp...

7.1CVSS5.4AI score0.00215EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-43062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix type confusion in l2capecredreconfrsp l2capecredreconfrsp casts the incoming data to struct l2capecredconnrsp the ECRED connection respons...

7.1CVSS6AI score0.00215EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.7 views

SUSE CVE-2026-31513

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2capecredconnreq Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerability...

5.8AI score0.00252EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.31 views

CVE-2026-31513 Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2capecredconnreq Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerability...

8.1CVSS0.00252EPSS
Exploits0References4
OSV
OSV
added 2026/04/22 1:54 p.m.1 views

CVE-2026-31513 Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2capecredconnreq Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerability...

8.1CVSS6.8AI score0.00252EPSS
Exploits0References7
CVE
CVE
added 2026/04/22 1:54 p.m.10 views

CVE-2026-31513

Summary: CVE-2026-31513 affects the Linux kernel Bluetooth L2CAP code. A stack-out-of-bounds read occurs in l2cap_ecred_conn_req when handling a malformed Enhanced Credit Based Connection Request with more SCIDs than allowed. The bug arises from computing rsp_len before validating the number of S...

8.1CVSS5.8AI score0.00252EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/25 4:54 p.m.6 views

SUSE CVE-2026-23395

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

6.5CVSS5.7AI score0.00249EPSS
Exploits0References15
Cvelist
Cvelist
added 2026/03/25 10:33 a.m.26 views

CVE-2026-23395 Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

8.8CVSS0.00249EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.9 views

PT-2026-27760

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Bluetooth L2CAP implementation. The code incorrectly handles multiple L2CAP ECRED CONN REQ requests, potentially leading to an overflow in the...

8.8CVSS5.9AI score0.00249EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.9 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989338 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks...

5.5CVSS5.9AI score0.00242EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987142 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks...

5.5CVSS5.9AI score0.00242EPSS
Exploits0References4
OSV
OSV
added 2025/02/26 7:0 a.m.7 views

DEBIAN-CVE-2022-49116

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use memset avoid memory leaks Use memset to initialize structs to prevent memory leaks in l2capecredconnect...

5.5CVSS5.3AI score0.00242EPSS
Exploits0References1
Rows per page
Query Builder