Lucene search
K

67 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciuart: A missing NULL check was added in h5enqueue. The Syzbot encountered a general protection fault in pmruntimeresume. The issue was due to a missing NULL check. hu-serdev can be NULL, and we should not blindly...

5.5CVSS6.3AI score0.0024EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/09 2:21 a.m.8 views

SUSE CVE-2026-46275

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

5.5CVSS5.4AI score0.00204EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/08 4:34 p.m.8 views

CVE-2026-46275

A flaw was found in the Linux kernel's Bluetooth hciuart component. Lifecycle management issues, including Use-After-Free UAF and race conditions, were identified during the closing and initialization paths. These issues can lead to the dereferencing of freed memory, potentially causing system...

7.8CVSS5.7AI score0.00204EPSS
Exploits1References4
NVD
NVD
added 2026/06/08 4:16 p.m.17 views

CVE-2026-46275

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

7.8CVSS0.00204EPSS
Exploits1References8
OSV
OSV
added 2026/06/08 4:16 p.m.6 views

UBUNTU-CVE-2026-46275

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

7.8CVSS5.4AI score0.00204EPSS
Exploits1References11
EUVD
EUVD
added 2026/06/08 2:30 p.m.8 views

EUVD-2026-35079

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

5.5AI score0.00204EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/06/08 2:30 p.m.38 views

CVE-2026-46275 Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

7.8CVSS0.00204EPSS
Exploits1References8
CVE
CVE
added 2026/06/08 2:30 p.m.73 views

CVE-2026-46275

CVE-2026-46275 affects the Linux kernel Bluetooth hci_uart subsystem, with Use-After-Free and race conditions in lifecycle teardown (init/close paths) that can trigger UAFs and NPDs when workqueues and protocol paths are torn down. The documented fix involves reordering ttys close handling (clear...

7.8CVSS5.5AI score0.00204EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use- After-Free UAF and Null Pointer Dereference NPD...

7.8CVSS5.8AI score0.00204EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-23146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/02/14 4:15 p.m.10 views

CVE-2026-23146

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.5CVSS0.00123EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/02/14 4:15 p.m.6 views

CVE-2026-23146

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References28
Vulnrichment
Vulnrichment
added 2026/02/14 4:1 p.m.4 views

CVE-2026-23146 Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.3AI score0.00123EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/14 4:1 p.m.7 views

EUVD-2026-5891

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.2AI score0.00123EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/14 4:1 p.m.4 views

CVE-2026-23146

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.1AI score0.00123EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/02/14 4:1 p.m.9 views

CVE-2026-23146

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.4 views

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-993151)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993151 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer...

5.5CVSS6.5AI score0.00191EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/08 10:40 p.m.3 views

CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

4.5CVSS5.1AI score0.00165EPSS
Exploits0References4
OSV
OSV
added 2025/12/08 1:16 a.m.3 views

DEBIAN-CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

5.3AI score0.00165EPSS
Exploits0References1
NVD
NVD
added 2025/12/08 1:16 a.m.4 views

CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

0.00165EPSS
Exploits0References8
Rows per page
Query Builder