CVE-2026-52918

NONE EPSS 17.9%
Published Jun 24, 20266d ago · Modified Jun 24, 20266d ago
Find Similar
Published Jun 24, 2026 6d ago
Last Modified Jun 24, 2026 6d ago

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize accept_q access bt_sock_poll() walks the accept queue without synchronization, while child teardown can unlink the same socket and drop its last reference. The unsynchronized accept queue walk has existed since the initial Bluetooth import. Protect accept_q with a dedicated lock for queue updates and polling. Also rework bt_accept_dequeue() to take temporary child references under the queue lock before dropping it and locking the child socket.

Threat Intelligence

EPSS Exploit Probability
17.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/41c8c1c7923e86e0eb59cfb4279349112756a336
  • git.kernel.org https://git.kernel.org/stable/c/4ec17782fd186f901a7329605d11048b085b945a
  • git.kernel.org https://git.kernel.org/stable/c/85f8674cae82053f1e6bab295f6a8422cca14db5
  • git.kernel.org https://git.kernel.org/stable/c/8b4c412e001b0c670eb937beab491af974da55b3
  • git.kernel.org https://git.kernel.org/stable/c/a218bf69eb51fefe59a3976fa8925261141f681c
  • git.kernel.org https://git.kernel.org/stable/c/be43e6b4043113c3b3cf887c3c8350f67140274c
  • git.kernel.org https://git.kernel.org/stable/c/d9ce4de05df2385c19e2c7d12f529144e1a44af1
  • git.kernel.org https://git.kernel.org/stable/c/e83f5e24da741fa9405aeeff00b08c5ee7c37b88

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.