CVE-2026-23299

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Bluetooth component where Socket Buffer (SKB) structures may leak. When TX timestamping is enabled via SO TIMESTAMPING, SKBs can be queued into sk error queue and remain there until consumed. If the userspace fails to read the timestamps or if the controller is removed unexpectedly, these SKBs are not cleared, leading to a memory leak. The issue is addressed by implementing skb queue purge() calls for sk error queue within the affected bluetooth destructors.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.