CVE-2026-31499

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A deadlock can occur in the Bluetooth L2CAP component within the l2cap conn del() function. This happens because l2cap conn del() calls cancel delayed work sync() for both info timer and id addr timer while holding the conn->lock. Since the work functions l2cap info timeout() and l2cap conn update id addr() also attempt to acquire conn->lock, an AB-BA deadlock may occur if the work is already executing when the lock is taken.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.