Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow code execution and leaking kernel memory respectively remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via...

MiracleLinux 7 : kernel-3.10.0-1160.95.1.el7 (AXSA:2023-6249:21)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6249:21 advisory. kernel: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 Tenable has extracted the preceding description block directly...

MiracleLinux 7 : kernel-3.10.0-1160.114.2.el7 (AXSA:2024-7634:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7634:08 advisory. sched/membarrier: reduce the ability to hammer on sysmembarrier CVE-2024-26602 kernel: use-after-free in l2capconnect and l2capleconnectreq in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001701 advisory. A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2capconndel of the file net/bluetooth/l2capcore.c of the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414357)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414357 advisory. In l2capchanput of l2capcore, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional executi...

kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...

AZL-60251 CVE-2025-21969 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...

UBUNTU-CVE-2024-36968

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctlinit l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range. Move MTU from hcidev to hciconn to validate MTU and...

kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges...

kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c

A memory leak flaw was found in the Linux kernel’s L2CAP bluetooth functionality. This issue occurs when a user generates malicious packets, triggering the l2caprecvacldata function. This flaw allows a local or bluetooth connection user to potentially crash the system...

kernel: use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c

A vulnerability was found in the Linux Kernel in the l2capconndel in net/bluetooth/l2capcore.c function in the Bluetooth component. This issue leads to a use-after-free problem...

kernel: memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c

A memory leak flaw was found in the Linux kernel’s L2CAP bluetooth functionality. This issue occurs when a user generates malicious packets, triggering the l2caprecvacldata function. This flaw allows a local or bluetooth connection user to potentially crash the system...

SUSE CVE-2011-2497

Integer underflow in the l2capconfigreq function in net/bluetooth/l2capcore.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a small command-size value within the command header of a Logical...

DEBIAN-CVE-2022-20566

In l2capchanput of l2capcore, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

DEBIAN-CVE-2022-42896

There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow code execution and leaking kernel memory respectively remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via...

DEBIAN-CVE-2022-3640

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2capconndel of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of...

UBUNTU-CVE-2022-3640

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2capconndel of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of...

DEBIAN-CVE-2022-3619

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2caprecvacldata of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue...