CVE-2026-43019

HIGH EPSS 2.9%
Published May 1, 20262mo ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published May 1, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup and field access must be covered by hdev lock in set_cig_params_sync, otherwise it's possible it is freed concurrently. Take hdev lock to prevent hci_conn from being deleted or modified concurrently. Just RCU lock is not suitable here, as we also want to avoid "tearing" in the configuration.

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
2.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 11

VendorProductVersionRange
linuxlinux_kernel*≥6.6  –  <6.12.81
linuxlinux_kernel*≥6.13  –  <6.18.22
linuxlinux_kernel*≥6.19  –  <6.19.12
linuxlinux_kernel6.4.16any
linuxlinux_kernel6.5.3any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/66d432e9b45bae7881ffcdb12cd8fd0bf254ef02
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7d568fede8eac91161a60b710aa920abe9b0fb9f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2639a7f0f5bf7d73f337f8f077c19415c62ed2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bad65b4b0a96139f023eadc28a33125963208449
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/66d432e9b45bae7881ffcdb12cd8fd0bf254ef02
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7d568fede8eac91161a60b710aa920abe9b0fb9f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a2639a7f0f5bf7d73f337f8f077c19415c62ed2c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bad65b4b0a96139f023eadc28a33125963208449
    Patch