Null Pointer Dereference in Bluetooth L2CAP - Linux Kernel
CVE-2026-31510

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-31510?

A vulnerability in the Linux kernel's Bluetooth L2CAP subsystem has been identified, which allows a null pointer dereference to occur in the l2cap_sock_ready_cb function. This vulnerability could lead to a system crash, potentially jeopardizing system stability and performance. A proper check for the sk pointer was added to prevent this issue, ensuring that it is not null before use. Affected systems running specific versions of the Linux kernel may experience issues, necessitating prompt patching to maintain operational integrity.

Affected Version(s)

Linux 54a59aa2b562872781d6a8fc89f300d360941691

Linux 54a59aa2b562872781d6a8fc89f300d360941691 < 03d4eafb0f3788239df63575951f6b4c97bbfda4

Linux 54a59aa2b562872781d6a8fc89f300d360941691 < 3c821bc0fbeaa27910a20d0b43c6008d099792af

References

https://git.kernel.org/stable/c/d34776c7fa1f2c510f1cdd148...

https://git.kernel.org/stable/c/03d4eafb0f3788239df635759...

https://git.kernel.org/stable/c/3c821bc0fbeaa27910a20d0b4...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31510 Data

JSON