PT-2026-36435 · Linux · Linux Kernel

Published

2026-03-29

Updated

2026-05-15

CVE-2026-43018

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A Use-After-Free (UAF) issue exists in the Bluetooth component. In the hci le remote conn param req evt() function, the hci conn lookup and field access are not properly protected by the hdev lock, which may allow the connection object to be freed concurrently while in use.

Recommendations Extend the hci dev lock critical section to cover all conn usage.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2026-06508

CVE-2026-43018

ECHO-48EB-5012-E2FE

OESA-2026-2312

OESA-2026-2313

OESA-2026-2314

Affected Products

Linux Kernel

PT-2026-36435 · Linux · Linux Kernel

CVE-2026-43018

Weakness Enumeration

Related Identifiers

Affected Products

References · 46