PT-2026-38973 · Linux · Linux Kernel
Published
2026-05-08
·
Updated
2026-05-08
·
CVE-2026-43322
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A use-after-free (UAF) issue exists in the Bluetooth component of the Linux kernel. The problem occurs in the
le read features complete() function when hci conn is freed after hci le read remote features sync but before le read features complete is executed, as hci conn del and hci cmd sync dequeue fail to prevent this sequence.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel