Linux Kernel Bluetooth Vulnerability in btusb Driver
CVE-2026-31497
What is CVE-2026-31497?
A vulnerability exists in the btusb driver of the Linux kernel: the code that maps the number of active SCO links to a USB alternate setting does not constrain the index used for the lookup. The number of active SCO links is passed directly to the lookup without checking that it stays within the SCO alternate settings table, which only accommodates three links. As a result, the driver can access memory outside the bounds of the intended array, which might impact system stability and security.
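The lookup pattern described above, modelled in user-space C as an added example; it is not the kernel's btusb code or the upstream fix. The function names, the table values, the handling of a zero link count and the choice to clamp rather than reject are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed table: one USB alternate setting per active SCO link count
 * (1..3). The values are illustrative, not taken from the advisory. */
static const unsigned char sco_alts[3] = { 2, 4, 5 };

/* Pattern the advisory describes: the link count indexes the table
 * directly, so any count above 3 reads past the end of sco_alts.
 * Only safe when the caller guarantees 1 <= sco_num <= 3. */
static int sco_alt_unchecked(unsigned int sco_num)
{
    return sco_alts[sco_num - 1];
}

/* Hardened form (assumed approach): constrain the count to the table
 * size before the lookup. Returns -1 when no link is active, because
 * sco_num - 1 would otherwise wrap around to a huge index. */
static int sco_alt_clamped(unsigned int sco_num)
{
    if (sco_num == 0)
        return -1;
    if (sco_num > ARRAY_SIZE(sco_alts))
        sco_num = ARRAY_SIZE(sco_alts);
    return sco_alts[sco_num - 1];
}

int main(void)
{
    /* Constructed inputs: 0..5 active links, including out-of-range counts. */
    for (unsigned int n = 0; n <= 5; n++)
        printf("links=%u -> alt=%d\n", n, sco_alt_clamped(n));

    /* The unchecked lookup is exercised only with an in-range count. */
    printf("unchecked(3) -> alt=%d\n", sco_alt_unchecked(3));
    return 0;
}
```

When auditing similar drivers, the thing to look for is a fixed-size table indexed by a counter whose upper bound is set elsewhere, such as a connection count maintained by another layer.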
Affected Version(s)
Linux baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 312c4450fe23014665c163f480edd5ad2e27bbb8
Linux baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 9dd13a8641de79bc1bc93da55cdd35259a002683
Linux baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 476c9262b430c38c6a701a3b8176a3f48689085b