PT-2026-36437 · Linux · Linux Kernel

Published

2026-05-01

·

Updated

2026-06-05

·

CVE-2026-43020

CVSS v3.1

7.8

High

Vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The Bluetooth MGMT component does not validate the enc_size value supplied by userspace when Long Term Keys (LTKs) are loaded. The stored enc_size is later used as the length of fixed-size stack operations when the kernel answers an LE LTK request, whose key field is a 16-byte buffer. An enc_size larger than 16 therefore causes a stack buffer overflow while the reply is built, which a local attacker able to issue MGMT commands can use to crash the kernel or corrupt memory.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
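The pattern the description refers to, as an added example that is not code from the kernel or from this advisory: a loader that trusts the user-supplied enc_size beside one that bounds it, and a reply builder that shows how the stored value drives the copy into the fixed 16-byte key field. The struct and function names, the scenario helpers and the key bytes are assumptions constructed for the example; the 7..16 byte bounds are the Bluetooth LE encryption key size limits.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Illustrative model of the bug class, not the kernel's code. The struct and
 * function names are assumptions chosen for this example. The sizes are the
 * Bluetooth SMP limits (an LE encryption key is 7..16 bytes) and the fixed
 * 16-byte key field of the HCI LE LTK Request Reply.
 */
#define LTK_MIN_ENC_SIZE 7
#define LTK_MAX_ENC_SIZE 16

/* Key as stored after a (modelled) MGMT Load Long Term Keys command. */
struct ltk_store {
    uint8_t val[LTK_MAX_ENC_SIZE];
    uint8_t enc_size;                  /* taken verbatim from userspace */
};

/* Modelled LE LTK Request Reply parameters: handle plus fixed 16-byte key. */
struct ltk_reply {
    uint16_t handle;
    uint8_t  ltk[LTK_MAX_ENC_SIZE];
};

/* Vulnerable loader: stores whatever enc_size userspace provided. */
int ltk_load_unchecked(struct ltk_store *out, const uint8_t *val, uint8_t enc_size)
{
    memcpy(out->val, val, LTK_MAX_ENC_SIZE);
    out->enc_size = enc_size;
    return 0;
}

/* Hardened loader: reject the key at load time unless enc_size is 7..16. */
int ltk_load_checked(struct ltk_store *out, const uint8_t *val, uint8_t enc_size)
{
    if (enc_size < LTK_MIN_ENC_SIZE || enc_size > LTK_MAX_ENC_SIZE)
        return -EINVAL;
    memcpy(out->val, val, LTK_MAX_ENC_SIZE);
    out->enc_size = enc_size;
    return 0;
}

/*
 * Reply builder in the shape the advisory describes: enc_size selects how many
 * key bytes go into the fixed field and the rest is zero-padded. The unbounded
 * pattern is
 *     memcpy(cp->ltk, key->val, key->enc_size);
 *     memset(cp->ltk + key->enc_size, 0, sizeof(cp->ltk) - key->enc_size);
 * which, for enc_size > 16, writes past cp->ltk on the stack and passes an
 * underflowed size_t to memset. This version clamps the copy so the example
 * stays memory-safe, and returns how many bytes the unbounded code would have
 * written past the end of the field (0 for a well-formed key).
 */
size_t ltk_reply_build(struct ltk_reply *cp, const struct ltk_store *key, uint16_t handle)
{
    size_t n = key->enc_size;
    size_t copy = n > sizeof(cp->ltk) ? sizeof(cp->ltk) : n;

    memcpy(cp->ltk, key->val, copy);
    memset(cp->ltk + copy, 0, sizeof(cp->ltk) - copy);
    cp->handle = handle;
    return n > sizeof(cp->ltk) ? n - sizeof(cp->ltk) : 0;
}

/* Constructed 16-byte key material used by the scenarios below. */
static const uint8_t sample_key[LTK_MAX_ENC_SIZE] = {
    0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0xf6, 0x07, 0x18,
    0x29, 0x3a, 0x4b, 0x5c, 0x6d, 0x7e, 0x8f, 0x90
};

/* Vulnerable path: load, then build the reply; returns the overflow in bytes. */
size_t scenario_unchecked_overflow(uint8_t enc_size)
{
    struct ltk_store key;
    struct ltk_reply cp;
    ltk_load_unchecked(&key, sample_key, enc_size);
    return ltk_reply_build(&cp, &key, 0x0040);
}

/* Hardened path: returns the loader's result (-EINVAL or 0). */
int scenario_checked_load(uint8_t enc_size)
{
    struct ltk_store key;
    return ltk_load_checked(&key, sample_key, enc_size);
}

/* For an accepted key: reply carries enc_size key bytes and zeros after them. */
int scenario_reply_padded(uint8_t enc_size)
{
    struct ltk_store key;
    struct ltk_reply cp;
    if (ltk_load_checked(&key, sample_key, enc_size) != 0)
        return 0;
    if (ltk_reply_build(&cp, &key, 0x0040) != 0)
        return 0;
    for (size_t i = 0; i < LTK_MAX_ENC_SIZE; i++)
        if (cp.ltk[i] != (i < enc_size ? sample_key[i] : 0))
            return 0;
    return 1;
}

int main(void)
{
    printf("unchecked enc_size=255: %zu bytes past the reply field\n",
           scenario_unchecked_overflow(0xff));
    printf("checked   enc_size=255: rc=%d\n", scenario_checked_load(0xff));
    printf("checked   enc_size=7:   padded ok=%d\n", scenario_reply_padded(7));
    return 0;
}
```

The check belongs at load time, before the value is stored, so every later consumer of the key can rely on it; a clamp at the reply site is defence in depth rather than a replacement, because any other code that reads the stored enc_size would still see the bad value.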

DoS

Buffer Overflow

Memory Corruption


Weakness Enumeration

Related Identifiers

ALSA-2026:21556
ALSA-2026:21557
ALSA-2026:21706
ALSA-2026:21745
BDU:2026-07834
CVE-2026-43020
ECHO-F64F-AACC-F63C
OESA-2026-2311
OESA-2026-2581
RHSA-2026:21556
RHSA-2026:21557
RHSA-2026:21706
RHSA-2026:21745

Affected Products

Linux Kernel
Rocky Linux