Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

72 matches found

RedhatCVE
RedhatCVEadded 3 days ago7 views

CVE-2026-53072

A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hciconnrequestevt function, particularly when the HCIPROTODEFER protocol is active, can result in a Use-After-Free UAF vulnerability. This condition arises when a connection object is accessed afte...

8.8CVSS6AI score0.00164EPSS
Exploits0References4
NVD
NVDadded 3 days ago7 views

CVE-2026-53276

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

7.8CVSS0.00151EPSS
Exploits0References2
Debian CVE
Debian CVEadded 3 days ago5 views

CVE-2026-53276

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

7.8CVSS5.6AI score0.00151EPSS
Exploits0
Cvelist
Cvelistadded 3 days ago29 views

CVE-2026-53276 Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

7.8CVSS0.00151EPSS
Exploits0References2
CVE
CVEadded 3 days ago7 views

CVE-2026-53276

The CVE-2026-53276 entry concerns the Linux kernel Bluetooth ISO stack. A use-after-free occurs in iso_sock_rebind_bc where the bis pointer is cached and the socket lock is released before traversals, allowing a concurrent close() to free the hci_conn and its bis structure. The code then accesses...

7.8CVSS5.7AI score0.00151EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 6 days ago5 views

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

8.8CVSS6AI score0.00262EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/06/20 12:28 a.m.8 views

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

8.8CVSS6AI score0.00262EPSS
Exploits0References5
AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Use RCU for hciconnparams and iterate safely in hcisync. hciupdateacceptlistsync iterates over hdev-pendleconns and hdev-pendlereports, and waits for controller events within the loop body, without holding the hdev...

7.8CVSS6.5AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: Fixed a potential Universal Arbitrary Fault UAF in setcigparamssync. The lookup of hciconn and field access must be protected by the hdev lock in setcigparamssync. Otherwise, it’s possible that these...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a division by zero issue in l2capleflowctlinit. l2capleflowctlinit may cause both a division by zero and an integer overflow, as hdev-lemtu may not fall within the valid range. The MTU value was moved...

6.5CVSS6.4AI score0.00215EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2026/06/16 7:17 p.m.5 views

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/06/16 6:39 p.m.6 views

kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2026/05/29 1:17 a.m.10 views

SUSE CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

6.4CVSS5.8AI score0.00125EPSS
Exploits0References9
Cvelist
Cvelistadded 2026/05/28 9:35 a.m.31 views

CVE-2026-46111 Bluetooth: hci_conn: fix potential UAF in create_big_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

7.8CVSS0.00125EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.12 views

PT-2026-44234

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A use-after-free issue exists in the Bluetooth component. The create big complete function unconditionally dereferences the...

9.8CVSS6AI score0.03663EPSS
Exploits10References499
RedhatCVE
RedhatCVEadded 2026/05/27 7:7 p.m.12 views

CVE-2026-46056

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

8.8CVSS6AI score0.00262EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/15 10:54 a.m.9 views

CVE-2026-43322

A flaw was found in the Bluetooth Host Controller Interface HCI synchronization module hcisync of the Linux kernel. A use-after-free UAF vulnerability exists in the lereadfeaturescomplete function, where a freed hciconn object is accessed. This can allow an attacker to cause a system crash, leadi...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References4
CNVD
CNVDadded 2026/05/11 12:0 a.m.8 views

Linux kernel set_cig_params_sync function memory misreference vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A memory misreference vulnerability exists in the Linux kernel. The vulnerability stems from the setcigparamssync function in Bluetooth hciconn not locking hciconn, which can b...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
CNNVD
CNNVDadded 2026/05/08 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the lereadfeaturescomplete function in Bluetooth HCI sync. This function allows for...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/05/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hciconn: fix potential UAF in setcigparamssync hciconn lookup and field access must be covered by hdev lock in setcigparamssync, otherwise it's...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References3
Rows per page
Query Builder