Primary

Context

Linux Kernel Bluetooth HCI Event Wake Reason Storage Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's Bluetooth implementation allows short HCI event frames to bypass initial bounds checks, potentially leading to unexpected behavior. This issue arises because the wake reason storage function is called too early in the event handling process, before validating the event's payload length. The vulnerability affects the Linux kernel's stable releases.

Impact

The vulnerability could cause improper handling of Bluetooth HCI events, potentially leading to issues with event processing or device communication.

Remediation

Users can upgrade to the latest stable version of the Linux kernel to address this vulnerability.

Added: May 1, 2026, 4:19 PM

Updated: May 1, 2026, 4:19 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

7.5

exploitability

4.8

remediation

7.7

relevance

7.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

7.5

exploitability

4.8

remediation

7.7

relevance

7.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Bluetooth HCI Event Wake Reason Storage Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating