PT-2026-36435 · Linux · Linux
Published
2026-05-01
·
Updated
2026-05-01
·
CVE-2026-43018
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci event: fix potential UAF in hci le remote conn param req evt
hci conn lookup and field access must be covered by hdev lock in
hci le remote conn param req evt, otherwise it's possible it is freed
concurrently.
Extend the hci dev lock critical section to cover all conn usage.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux