Astra Linux - уязвимость в linux

A flaw involving double-free memory corruption in the Linux kernel’s HCI device initialization subsystem was discovered. This flaw allows a malicious HCI TTY Bluetooth device to be attached to the system. A local user could exploit this flaw to crash the system. This flaw affects all Linux kernel...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fixed the crash caused by hcisuspendsync. If hciunregisterdev frees the hcidev object, but hcisuspendnotifier may still access it, this can cause the program to crash. Here is the call trace: 102152.653246 Call Trace:...

CVE-2026-31771 Bluetooth: hci_event: move wake reason storage into validated event handlers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI event header but before hcieventfunc enforces the per-event minimum...

PT-2026-36435

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the Bluetooth component. In the hci le remote conn param req evt function, the hci conn lookup and field access are not properly protected by the hde...

PT-2026-30155

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Bluetooth L2CAP implementation, specifically within the l2cap unregister user function. A race condition occurs because l2cap register user and l2cap...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001421)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001421 advisory. A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A...

SUSE CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

EUVD-2025-203775

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

UBUNTU-CVE-2025-68305

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

EUVD-2021-26874

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414584)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414584 advisory. A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A...

UBUNTU-CVE-2023-53520

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the possibility that hcisuspendnotifier may still access the hcidev object after hciunregisterdev releases...

SUSE CVE-2025-38592

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of-bounds via devcoredumpv Currently both devcoredumpv and skbputdata in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. From devcoredumpmtimeout documentation, which i...

CVE-2025-38592 Bluetooth: hci_devcd_dump: fix out-of-bounds via dev_coredumpv

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of-bounds via devcoredumpv Currently both devcoredumpv and skbputdata in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. From devcoredumpmtimeout documentation, which i...

kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

AZL-64847 CVE-2025-38250 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

kernel: Bluetooth: btmtk: avoid UAF in btmtk_process_coredump

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtkprocesscoredump hcidevcdappend may lead to the release of the skb, so it cannot be accessed once it is called. ================================================================== BUG: KASAN:...

SUSE CVE-2024-57879

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of isolistenbis Since hcigetroute holds the device before returning, the hdev should be released with hcidevput at the end of isolistenbis even if the function returns with an error...