SUSE CVE-2026-45834

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

CVE-2026-23299

A flaw was found in the Linux kernel's Bluetooth subsystem. When transmit TX timestamping is enabled, socket kernel buffers SKBs can accumulate in an error queue. If user applications fail to read these timestamps or if the Bluetooth controller is unexpectedly removed, these SKBs are not properly...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003886)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003886 advisory. A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2capconndel of the file net/bluetooth/l2capcore.c of the...

ROS-20260114-7326

A vulnerability in the hcicblist function of the Linux kernel Bluetooth driver is related to synchronization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2023-54164 Bluetooth: ISO: fix iso_conn related locking and validity issues

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and access conn should hold locksock, otherwise they can race. The order of...

Linux Distros Unpatched Vulnerability : CVE-2023-54120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: Fix race condition in hidpsessionthread There is a potential race condition in hidpsessionthread that may lead to use-after-free. For instance, the...

EUVD-2022-55084

Malicious code in bioql PyPI...

EUVD-2025-12860

Malicious code in bioql PyPI...

PT-2025-34402 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Bluetooth component of the Linux kernel related to btusb. A potential NULL pointer dereference can occur due to an improper handling of kmalloc allocation failures...

Linux Distros Unpatched Vulnerability : CVE-2024-26888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: Fix memory leak Fix leaking buffer allocated to send...

Linux Distros Unpatched Vulnerability : CVE-2023-53018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix memory leaks When hcicmdsyncqueue failed in hcileterminatebig or...

Linux Distros Unpatched Vulnerability : CVE-2021-32399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/bluetooth/hcirequest.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. CVE-2021-32399 Note that Nessus relies on...

CVE-2025-38473

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix null-ptr-deref in l2capsockresumecb syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar problem that was fixed by commit 1bff51ea59a9 "Bluetooth: fix use-after-free error in...

CVE-2025-38304

CVE-2025-38304 : In the Linux kernel, a NULL pointer dereference in Bluetooth eir_get_service_data (len parameter can be NULL) is fixed. The vulnerability affects the Bluetooth EIR handling path and is rated with LOCAL attack vector and HIGH availability impact, implying potential kernel crash or...

CVE-2022-50166

CVE-2022-50166 affects the Linux kernel Bluetooth HCI subsystem. When the HCI work queue is drained, a delayed command could still be queued to the drained workqueue, triggering a timeout in hci_cmd_timeout and a kernel warning. The root cause is the draining of the command/event/data processing ...

CVE-2023-53063

No description is available for this CVE...

CVE-2022-49909

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-37792 Bluetooth: btrtl: Prevent potential NULL dereference

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtlinitialize function checks that rtlloadfile either had an error or it loaded a zero length file. However, if it loaded a zero length file then the error code is not se...

PT-2025-18627 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.8 Description: A use-after-free condition has been identified in the Linux kernel's Bluetooth L2CAP implementation. This issue arises from a race condition between two parallel flows: l2cap reassemble sdu a...

CVE-2025-21937

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmtallocskb in mgmtremotename Add check for the return value of mgmtallocskb in mgmtremotename to prevent null pointer dereference...