Primary

Context

Linux Kernel Bluetooth L2CAP Use-After-Free Vulnerability

Vulnerability

Patched

A use-after-free vulnerability has been identified in the Bluetooth L2CAP implementation of the Linux kernel. This issue arises from a race condition between the functions l2cap_register_user() and l2cap_unregister_user(), which do not properly synchronize access to connection data. As a result, these functions can interfere with the l2cap_conn_del() function, leading to memory corruption and potential exploitation. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to memory corruption, allowing for potential arbitrary code execution or causing the system to become unresponsive.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: Apr 3, 2026, 4:53 PM

Updated: Apr 3, 2026, 4:53 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.3

exploitability

3.5

remediation

7.7

relevance

5.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.3

exploitability

3.5

remediation

7.7

relevance

5.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Bluetooth L2CAP Use-After-Free Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating