PT-2026-43302 · Linux+1 · Linux Kernel+1

Published

2026-05-26

·

Updated

2026-06-04

·

CVE-2026-45834

CVSS v4.0

5.7

Medium

VectorAV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified) openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1
Description A null pointer dereference exists in the Bluetooth L2CAP component. This occurs within the l2cap sock state change cb() function, where a missing NULL guard allows the system to attempt to access an invalid memory address.
Recommendations Update to a version of the Linux kernel where the NULL guard has been added to the l2cap sock state change cb() function. Update openSUSE Tumbleweed to kernel-devel-7.0.11-1.1.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45834
ECHO-4A73-8DF7-E659
OPENSUSE-SU-2026:10954-1

Affected Products

Linux Kernel
Opensuse Tumbleweed