Lucene search
K

5 matches found

NVD
NVD
added 2026/06/25 9:16 a.m.10 views

CVE-2026-53254

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...

8.1CVSS0.00283EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53254

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...

8.1CVSS5.8AI score0.00283EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39205

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...

5.8AI score0.00283EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53253 Bluetooth: bnep: reject short frames before parsing

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

7.1CVSS5.8AI score0.00274EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52348

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth BNEP implementation where a peer can send a short BNEP Service Discovery Unit SDU. The function bnep rx frame reads the packet type byte and, for control...

7.8CVSS6.2AI score0.00274EPSS
Exploits0References443
Rows per page
Query Builder