25 matches found
SUSE CVE-2026-53251
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...
UBUNTU-CVE-2026-53251
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...
CVE-2026-53251
CVE-2026-53251: Linux kernel Bluetooth ISO path vulnerability where hci_get_route() leaks a reference-counted hci_dev pointer (via hci_dev_hold()) on exit, without releasing it. Documented as a resource leak that can contribute to a Denial of Service. Several advisories indicate patches exist (e....
CVE-2026-53251
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...
CVE-2026-53251
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...
CVE-2026-53251 Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...
kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free
A vulnerability was found in isosockkill in net/bluetooth/iso.c in Bluetooth protocol stack in the Linux Kernel. In this flaw if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free
A vulnerability was found in isosockkill in net/bluetooth/iso.c in Bluetooth protocol stack in the Linux Kernel. In this flaw if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free
A vulnerability was found in isosockkill in net/bluetooth/iso.c in Bluetooth protocol stack in the Linux Kernel. In this flaw if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free
A vulnerability was found in isosockkill in net/bluetooth/iso.c in Bluetooth protocol stack in the Linux Kernel. In this flaw if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free
A vulnerability was found in isosockkill in net/bluetooth/iso.c in Bluetooth protocol stack in the Linux Kernel. In this flaw if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
SUSE CVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
CVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
CVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
CVE-2023-54164
Technical details for CVE-2023-54164 are not provided in the supplied documents. Monitor for updates.
CVE-2023-54164 Bluetooth: ISO: fix iso_conn related locking and validity issues
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...
PT-2025-53993
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to Bluetooth ISO Isochronous connections. Specifically, the issue involves incorrect locking and validity checks concerning the sk state variable...
CVE-2025-40141
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix possible UAF on isoconnfree This attempt to fix similar issue to scoconnfree where if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
CVE-2025-40141
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix possible UAF on isoconnfree This attempt to fix similar issue to scoconnfree where if the conn-sk is not set to NULL may lead to UAF on isoconnfree...
CVE-2025-40141
CVE-2025-40141 is a Linux kernel Bluetooth issue fixed by ensuring iso_conn_free doesn’t suffer a use-after-free if conn->sk is not NULL. The advisory and related Red Hat/osv entries indicate this is a kernel-level fix in the Bluetooth ISO path to prevent UAF on iso_conn_free, with patches rel...