CVE-2026-53252

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: fix memory leak in error path of hci alloc dev()

Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory.

When device initialization fails before hci register dev() completes, the HCI UNREGISTER flag is never set. As a result, when the device reference count reaches zero, bt host release() evaluates this flag as false and falls back to a direct kfree(hdev).

Because hci release dev() is bypassed, the SRCU struct initialized early in hci alloc dev() is never cleaned up, resulting in a leak of percpu memory.

Fix the leak by explicitly calling cleanup srcu struct() in the fallback (unregistered) branch of bt host release() before freeing the device.