Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Fixed a null pointer dereference in btintelreadversion. If hcicmdsyncComplete is triggered and skb is NULL, then hdev-reqskb will also be NULL, which will cause this issue...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed a memory leak in hciupdateadvdata. When hcicmdsyncqueue fails in hciupdateadvdata, the instptr is not freed, which can lead to a memory leak. To address this issue, ERRPTR/PTRERR was used instead of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: Fixed memory leaks When hcicmdsyncqueue fails in hcileterminatebig or hcilebigterminate, the memory pointed to by the variable d is not freed, which can lead to memory leaks. A release mechanism should be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a race condition in hcicmdsyncclear. There is a potential race condition in hcicmdsyncwork and hcicmdsyncclear, which could lead to use-after-free issues. For example, hcicmdsyncwork is added to the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: rejecting malformed HCICMDSYNC commands In mgmthcicmdsync, check whether the size of the parameters passed in struct mgmtcphcicmdsync matches the total size of the data i.e., sizeofstruct mgmtcphcicmdsync plus th...

Linux Distros Unpatched Vulnerability : CVE-2026-43022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if...

CVE-2026-43022

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...

CVE-2026-43022

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...

CVE-2026-43021

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix leaks when hcicmdsyncqueueonce fails When hcicmdsyncqueueonce returns with error, the destroy callback will not be called. Fix leaking references / memory on these failures...

CVE-2026-43021

CVE-2026-43021 affects the Linux kernel Bluetooth hci_sync path. A failure in hci_cmd_sync_queue_once() can skip calling the destroy callback, causing leaks of references/memory. The issue manifests during error paths, potentially leaving resources allocated for the hci_sync queue. Public discuss...

CVE-2026-43021 Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix leaks when hcicmdsyncqueueonce fails When hcicmdsyncqueueonce returns with error, the destroy callback will not be called. Fix leaking references / memory on these failures...

SUSE CVE-2026-31500

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintelhwerror with hcireqsynclock btintelhwerror issues two hcicmdsync calls HCIOPRESET and Intel exception-info retrieval without holding hcireqsynclock. This lets it race against hcidevdoclose -...

kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

A use-after-free flaw was found in hcicmdsyncdequeueonce in net/bluetooth/hcisync.c in Bluetooth: hcisync in Linux Kernel. This vulnerability could even lead to a kernel information leak problem...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE CVE-2025-40318

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix race in hcicmdsyncdequeueonce hcicmdsyncdequeueonce does lookup and then cancel the entry under two separate lock sections. Meanwhile, hcicmdsyncwork can also delete the same entry, leading to double listd...

CVE-2025-40318

CVE-2025-40318 : In the Linux kernel, Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once. The root cause was a race between hci_cmd_sync_dequeue_once() performing a lookup then cancel under one lock section while hci_cmd_sync_work() could also delete the same entry, causing a double list_...

CVE-2025-40318 Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: fix race in hcicmdsyncdequeueonce hcicmdsyncdequeueonce does lookup and then cancel the entry under two separate lock sections. Meanwhile, hcicmdsyncwork can also delete the same entry, leading to double listd...

EUVD-2016-1573

Malware in sbrugna...

EUVD-2018-11534

Malware in sbrugna...

EUVD-2023-12457

Malicious code in bioql PyPI...