Linux Kernel Bluetooth L2CAP Connection Management Deadlock Vulnerability

Vulnerability

A deadlock vulnerability has been identified in the Bluetooth L2CAP connection management of the Linux kernel. The issue arises in the 'l2cap_conn_del()' function, which cancels delayed work for timers while holding a lock on the connection. The work functions can also acquire the same lock, so if the work is already in progress when the lock is taken, the cancel waits for the work to finish while the work waits for the lock, and neither can proceed. The vulnerability affects the Linux kernel's stable group.
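The lock ordering described above, modelled in userspace with POSIX threads as an added example (not code from the kernel or from the patch). `struct conn`, `timer_work`, `cancel_sync_bounded` and `teardown_gets_stuck` are hypothetical names; the wait is bounded to about 200 ms so the hang is reported rather than reproduced, and the cancel-before-lock ordering is one generic way to break the cycle, assumed here rather than taken from the upstream fix.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

struct conn {                 /* constructed stand-in, not a kernel structure */
    pthread_mutex_t lock;     /* plays the role of the connection lock */
    atomic_bool work_done;    /* set once the work function has returned */
    pthread_t work;           /* thread standing in for the delayed work */
};

/* Work function: like the timer work in the advisory, it takes the lock. */
static void *timer_work(void *arg) {
    struct conn *c = arg;
    pthread_mutex_lock(&c->lock);
    pthread_mutex_unlock(&c->lock);
    atomic_store(&c->work_done, true);
    return NULL;
}

/* Synchronous cancel, bounded to ~200 ms so the model reports a hang
 * instead of hanging. Returns true if the work finished. */
static bool cancel_sync_bounded(struct conn *c) {
    struct timespec step = { 0, 10 * 1000 * 1000 };
    for (int i = 0; i < 20 && !atomic_load(&c->work_done); i++)
        nanosleep(&step, NULL);
    return atomic_load(&c->work_done);
}

/* Runs one teardown; returns true if the cancel got stuck.
 * lock_first = true is the ordering the advisory describes. */
bool teardown_gets_stuck(bool lock_first) {
    struct conn c = { .lock = PTHREAD_MUTEX_INITIALIZER, .work_done = false };
    if (lock_first)
        pthread_mutex_lock(&c.lock);
    pthread_create(&c.work, NULL, timer_work, &c); /* work is now in progress */
    bool stuck = !cancel_sync_bounded(&c);         /* waits for the work */
    if (!lock_first)
        pthread_mutex_lock(&c.lock);               /* lock only after cancel */
    pthread_mutex_unlock(&c.lock);  /* model only: lets a stuck worker finish */
    pthread_join(c.work, NULL);
    pthread_mutex_destroy(&c.lock);
    return stuck;
}

int main(void) {
    printf("under lock: stuck=%d\n", teardown_gets_stuck(true));
    printf("before lock: stuck=%d\n", teardown_gets_stuck(false));
}
```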

Impact

Exploitation of this vulnerability can lead to a deadlock situation, causing the system to hang or become unresponsive while the connection management process is stalled.

Remediation

The vulnerability has been addressed in the official Linux Git repository. Users can download the patched version from the Linux kernel stable tree.

Added: Apr 22, 2026, 3:00 PM
Updated: Apr 22, 2026, 3:00 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.5
remediation: 7.7
relevance: 6.5
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.