Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: fix locking in hciconnrequestevt with HCIPROTODEFER When protocol sets HCIPROTODEFER, hciconnrequestevt calls hciconnectcfmconn without hdev-lock...

8.8CVSS6AI score0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.26 views

CVE-2026-53072 Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix locking in hciconnrequestevt with HCIPROTODEFER When protocol sets HCIPROTODEFER, hciconnrequestevt calls hciconnectcfmconn without hdev-lock. Generally hciconnectcfm assumes it is held, and if conn is deleted...

8.8CVSS0.00247EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005561 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pairdevice hciconnparamsadd never checks for a NULL value...

5.5CVSS6.8AI score0.00264EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/01/12 1:52 p.m.6 views

kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

5.8AI score0.00168EPSS
Exploits0References5
OSV
OSV
added 2025/12/08 12:0 a.m.8 views

ALSA-2025:22854 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: Fix oops due to uninitialised variable CVE-2025-38737 kernel: can: j1939: implement NETDEVUNREGISTER notification handler CVE-2025-39925 kernel: Bluetooth: hcievent: Fix UAF in...

5.5CVSS6.3AI score0.00194EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-39983

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not...

6.4AI score0.00168EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/16 10:31 a.m.4 views

CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

6.4CVSS5.3AI score0.00168EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/15 7:56 a.m.8 views

CVE-2025-39983 Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

0.00168EPSS
Exploits0References2
OSV
OSV
added 2025/10/15 7:56 a.m.2 views

CVE-2025-39983 Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

6.4AI score0.00168EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.5 views

PT-2025-42258

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16-rc7 Description The Linux kernel contains a use-after-free flaw within the Bluetooth stack, specifically in the hci conn tx dequeue function. This issue arises from improper locking of the hdev structure whe...

5.5CVSS6.8AI score0.00194EPSS
Exploits0References26
OSV
OSV
added 2025/09/18 2:15 p.m.2 views

DEBIAN-CVE-2023-53374

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fail SCO/ISO via hciconnfailed if ACL gone early Not calling hcidisconnectcfm before deleting conn referred to by a socket generally results to use-after-free. When cleaning up SCO connections when the parent...

7.8CVSS6.1AI score0.00147EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/15 2:46 p.m.8 views

CVE-2023-53252 Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use RCU for hciconnparams and iterate safely in hcisync hciupdateacceptlistsync iterates over hdev-pendleconns and hdev-pendlereports, and waits for controller events in the loop body, without holding hdev lock...

0.00137EPSS
Exploits0References3
CVE
CVE
added 2025/09/15 2:46 p.m.20 views

CVE-2023-53252

The CVE-2023-53252 entry applies to the Linux kernel Bluetooth stack. The vulnerability arises in hci_update_accept_list_sync where hci_conn_params/hci_sync lists are iterated while the lists can be modified (e.g., by le_scan_cleanup) without holding the device lock, risking an invalid list curso...

7.8CVSS6.1AI score0.00137EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/12/27 3:15 p.m.6 views

AZL-62630 CVE-2024-56591 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Use disabledelayedworksync This makes use of disabledelayedworksync instead canceldelayedworksync as it not only cancel the ongoing work but also disables new submit which is disarable since the object holding...

5.5CVSS6.6AI score0.00185EPSS
Exploits0References1
OSV
OSV
added 2024/08/26 8:15 a.m.6 views

AZL-48197 CVE-2024-43884 affecting package kernel for versions less than 6.6.51.1-5

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pairdevice hciconnparamsadd never checks for a NULL value and could lead to a NULL pointer dereference causing a crash. Fixed by adding error handling in the function...

5.5CVSS6.3AI score0.00264EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.7 views

Kernel: double free in hci_conn_cleanup of the bluetooth subsystem

A double-free vulnerability was found in the hciconncleanup in net/bluetooth/hciconn.c in the Linux Kernel. This issue may cause a denial of service or privilege escalation...

7.8CVSS6.8AI score0.00274EPSS
Exploits0References5
OSV
OSV
added 2023/03/31 4:15 p.m.5 views

AZL-25956 CVE-2023-28464 affecting package kernel for versions less than 5.15.122.1-2

hciconncleanup in net/bluetooth/hciconn.c in the Linux kernel through 6.2.9 has a use-after-free observed in hciconnhashflush because of calls to hcidevput and hciconnput. There is a double free that may lead to privilege escalation...

7.8CVSS6.5AI score0.00274EPSS
Exploits0References1
OSV
OSV
added 2023/03/31 4:15 p.m.2 views

UBUNTU-CVE-2023-28464

hciconncleanup in net/bluetooth/hciconn.c in the Linux kernel through 6.2.9 has a use-after-free observed in hciconnhashflush because of calls to hcidevput and hciconnput. There is a double free that may lead to privilege escalation...

7.8CVSS6.6AI score0.00274EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/09 12:0 a.m.5 views

PT-2023-2069 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 6.2.9 Description: The issue is related to a use-after-free vulnerability in the hci conn cleanup function in the net/bluetooth/hci conn.c module of the Linux kernel. This vulnerability is observed in the hci con...

10CVSS6.4AI score0.93838EPSS
Exploits81References2064
Rows per page
Query Builder