PT-2026-8146 · Linux+1 · Linux Kernel+1

Published 2026-01-01 · Updated 2026-05-22 · CVE-2026-23151

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A memory leak exists in the Bluetooth MGMT subsystem, specifically within the set_ssp_complete() function. The issue arises from missing calls to mgmt_pending_free() in both success and error paths after commands are removed from the pending list. This results in a memory leak of mgmt_pending_cmd structures and their associated data for each Secure Simple Pairing (SSP) command that completes. The issue was also present in set_advertising_complete().

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Weakness Enumeration

Related Identifiers

CVE-2026-23151
OPENSUSE-SU-2026:20416-1
SUSE-SU-2026:0962-1
SUSE-SU-2026:1081-1
SUSE-SU-2026:20667-1
SUSE-SU-2026:20720-1
SUSE-SU-2026:20838-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
SUSE-SU-2026:20931-1
SUSE-SU-2026:21284-1
USN-8278-1
USN-8289-1
USN-8296-1

Affected Products

Linux Kernel
Ubuntu