PT-2026-27664 · Linux · Linux
Published
2026-03-25
·
Updated
2026-03-25
·
CVE-2026-23299
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: purge error queues in socket destructors
When TX timestamping is enabled via SO TIMESTAMPING, SKBs may be queued
into sk error queue and will stay there until consumed. If userspace never
gets to read the timestamps, or if the controller is removed unexpectedly,
these SKBs will leak.
Fix by adding skb queue purge() calls for sk error queue in affected
bluetooth destructors. RFCOMM does not currently use sk error queue.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux