Primary

Context

Linux Kernel Bluetooth Command Synchronization Memory Leak Vulnerability

Vulnerability

Patched

A memory leak vulnerability has been addressed in the Linux kernel's Bluetooth subsystem. The issue arises in the command synchronization process, specifically within the 'hci_cmd_sync_queue_once' function. When this function encounters an error, it fails to invoke the necessary cleanup callback, leading to unfreed references and memory. This vulnerability affects the stable version of the Linux kernel.

Impact

The vulnerability could result in a memory leak, causing increased memory usage and potentially leading to exhaustion of system resources.

Added: May 1, 2026, 3:50 PM

Updated: May 1, 2026, 3:50 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

7.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

7.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Bluetooth Command Synchronization Memory Leak Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating