EUVD-2026-33776
In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0045
In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-380091558
In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fixed a possible deadlock in rfcomm_sk_state_change. syzbot reports a possible deadlock in rfcomm_sk_state_change 1. While rfcomm_sock_connect acquires the sk lock and waits for the rfcomm lock, rfcomm_sock_release might acquire...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
A NULL pointer dereference vulnerability exists in the Linux kernel on Linux, x86, and ARM platforms including networking and Bluetooth modules. This vulnerability is related to the /net/bluetooth/rfcomm/core.C file. This issue affects the Linux kernel version v2.6.12-rc2...
CLSA-2026-1777614769 kernel: Fix of 13 CVEs
crypto: algif_aead - Fix minimum RX size check for decryption - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013348)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013348 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to u...
CVE-2026-31280
CVE-2026-31280 affects Parani M10 Motorcycle Intercom (v2.1.3) via the Bluetooth Classic RFCOMM service. Multiple sources describe an unauthenticated Denial of Service caused by sending crafted RFCOMM frames, leading to a device crash. The NVD and Red Hat entries corroborate the same impact; expl...
CLSA-2026-1773048865 kernel: Fix of 53 CVEs
xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mt_input_configured CVE-2024-58020 - netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX CVE-2025-38201 - fs: writeback: fix use-after-free in __mark_inode_dirty...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56604)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56604 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving danglin...
Exploit for CVE-2025-13834
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000555)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000555 advisory. The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002294)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002294 advisory. The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001813)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001813 advisory. The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local...
ROS-20260114-7302
A vulnerability in the rfcomm_sock_alloc function of the net/bluetooth/rfcomm/sock.c module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001051)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001051 advisory. The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990213)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990213 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-22099)
NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM net, bluetooth modules allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2. This plugin only works with...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987400)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987400 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986501)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986501 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the...