PT-2026-43304 · Linux · Linux Kernel

Published

2026-05-26

·

Updated

2026-06-04

·

CVE-2026-45836

CVSS v4.0

5.7

Medium

VectorAV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A NULL-pointer dereference exists in the Bluetooth L2CAP subsystem, specifically within the l2cap sock get sndtimeo cb() function. This issue can lead to kernel crashes and a denial of service. A NULL-pointer dereference occurs when a program attempts to read or write to a memory address that is NULL, which typically results in the application or system crashing.
Recommendations Disable Bluetooth if it is not in use. Blacklist the kernel modules associated with Bluetooth. Monitor for unexpected Bluetooth activity. Audit embedded and edge device configurations regularly.

Exploit

Fix

LPE

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45836
ECHO-3A6D-E839-9D06
OPENSUSE-SU-2026:10954-1

Affected Products

Linux Kernel