147 matches found
EUVD-2026-34129
In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...
CVE-2026-46041 greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames()
In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: fix sleep in atomic context in hdlctxframes hdlcappend calls usleeprange to wait for circular buffer space, but it is called with txproducerlock a spinlock held via hdlctxframes -...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fixed a use-after-free in localcleanup. A use-after-free occurs in kfreeskb called from localcleanup. This can occur when killing the nfc daemon e.g., neard after detaching an nfc device. When detaching an nfc device,...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fix for u8 overflow By continuously sending L2CAPCONFREQ packets, chan-numconfrsp increases multiple times, eventually exceeding the maximum number i.e., 255. This patch prevents this issue by adding a bounda...
CVE-2026-43134
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...
nfc: llcp: add missing return after LLCP_CLOSED checks
...
CVE-2026-31629
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...
PT-2026-34981
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the NFC LLCP component. In the functions nfc llcp recv hdlc and nfc llcp recv disc, when the socket state is LLCP CLOSED, the code calls release sock and...
Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop
...
PT-2026-34417
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth L2CAP component where the l2cap ecred data rcv function reads the SDU length field from skb-data using get unaligned le16 without verifying that the sock...
CVE-2026-23462
A flaw was found in the Linux kernel's Bluetooth subsystem HIDP. A local attacker can exploit a use-after-free vulnerability by failing to properly drop a reference to an L2CAP Logical Link Control and Adaptation Protocol connection during a user removal callback. This memory corruption flaw may...
SUSE CVE-2026-23395
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
CVE-2025-47371
Transient DOS when an LTE RLC packet with invalid TB is received by UE...
CVE-2025-47371
Transient DOS when an LTE RLC packet with invalid TB is received by UE...
EUVD-2025-208182
Transient DOS when an LTE RLC packet with invalid TB is received by UE...
CVE-2025-47371
Transient DOS when an LTE RLC packet with invalid TB is received by UE...
CVE-2025-47371 Reachable Assertion in Modem
Transient DOS when an LTE RLC packet with invalid TB is received by UE...
PT-2026-22638
Transient DOS when an LTE RLC packet with invalid TB is received by UE...
CVE-2026-23150
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to sockerrors...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004252)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004252 advisory. A flaw was found in the HDLCPPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation i...