3 matches found
Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop
...
CVE-2026-31498
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...
Sony XAV-AX8500 安全漏洞
The SONY XAV-AX8500 is a car AV receiver with enhanced features. The SONY XAV-AX8500 suffers from a channel authentication bypass vulnerability that stems from improper implementation of Bluetooth ERTM channel communication, which can be exploited by an attacker to gain unauthorized access to the...