CVE-2026-43022

Published: May 1, 2026Modified: May 8, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists hci_cmd_sync_queue_once() needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the function to return -EEXIST if queue item already exists. Modify all callsites to handle that.

Affected (10)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.9 to 6.19.12
Linux Linux Kernel	Version 6.1.120
Linux Linux Kernel	Version 6.6.51
Linux Linux Kernel	Version 6.8.9
Linux Linux Kernel	Version 7.0 rc1
Linux Linux Kernel	Version 7.0 rc2
Linux Linux Kernel	Version 7.0 rc3
Linux Linux Kernel	Version 7.0 rc4
Linux Linux Kernel	Version 7.0 rc5
Linux Linux Kernel	Version 7.0 rc6

References (2)

https://git.kernel.org/stable/c/0ad2ce230b38cd4b3f6732cc609e270461e626e5

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/2969554bcfccb5c609f6b6cd4a014933f3a66dd0

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.