Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed u8 overflow issue By continuously sending L2CAPCONFREQ packets, chan-numconfrsp increases multiple times, eventually exceeding the maximum number i.e., 255. This patch prevents this issue by adding a...

CVE-2026-43134

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fixed a use-after-free in localcleanup. A use-after-free occurs in kfreeskb called from localcleanup. This could occur when killing the nfc daemon e.g., neard after detaching an nfc device. When detaching an nfc device,...

nfc: llcp: add missing return after LLCP_CLOSED checks

...

Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop

...

PT-2026-34417

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth L2CAP component where the l2cap ecred data rcv function reads the SDU length field from skb-data using get unaligned le16 without verifying that the sock...

CVE-2026-23462

A flaw was found in the Linux kernel's Bluetooth subsystem HIDP. A local attacker can exploit a use-after-free vulnerability by failing to properly drop a reference to an L2CAP Logical Link Control and Adaptation Protocol connection during a user removal callback. This memory corruption flaw may...

SUSE CVE-2026-23395

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

CVE-2026-23150

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to sockerrors...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000483)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000483 advisory. A heap data infoleak in multiple locations including L2CAPPARSECONFRSP was found in the Linux kernel before 5.1-rc1. Tenable has extracted the preceding description...

kernel: Bluetooth: L2CAP: Fix use-after-free

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2caplecommandrej...

Bluetooth: L2CAP: Fix not validating setsockopt user input

...

Linux Distros Unpatched Vulnerability : CVE-2025-21925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices not supporting IFFTXSKBSHARING. In this case, e1000 driver cal...

Linux Distros Unpatched Vulnerability : CVE-2023-52843

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without verifying that the skb has an Ethernet header. Syzbot was able to ent...

kernel: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

in linux kernel bluetooth L2CAP, l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range...

The vulnerability of the llc component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the llc component in the Linux operating system’s kernel is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a vulnerability in the llc module...

The vulnerability of the llc_ui_sendmsg() function in the net/llc/af_llc.c module of the LLC2 protocol implementation in Linux’s operating system allows a hacker to cause a service failure.

The vulnerability of the llcuisendmsg function in the net/llc/afllc.c module of the LLC2 protocol implementation in Linux’s operating system is related to the use of incorrect data. Exploiting this vulnerability could allow an attacker to cause a service failure...

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...