← Back

CVE-2026-46056

nvd nist
Published: May 27, 2026Modified: Jun 19, 2026

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (Secondary)

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers hci_conn lookup and field access must be covered by hdev lock in hci_user_passkey_notify_evt() and hci_keypress_notify_evt(), otherwise the connection can be freed concurrently. Extend the hci_dev_lock critical section to cover all conn usage in both handlers. Keep the existing keypress notification behavior unchanged by routing the early exits through a common unlock path.

Affected (5)

Products: Linux: Linux Kernel
1 product
Linux Kernel
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Linux
From 3.7 to 6.1.175
From 6.13 to 6.18.27
From 6.19 to 7.0.4
From 6.2 to 6.6.140
From 6.7 to 6.12.86

References (8)

Timeline

No history available yet.