Vulnerability in Linux Kernel Bluetooth Module - Potential Use After Free Issue
CVE-2026-43018

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-43018?

A vulnerability exists in the Linux kernel Bluetooth subsystem that can lead to a Use After Free (UAF) condition. This occurs in the handling of the hci_le_remote_conn_param_req_evt event, where the connection lookup and access to certain fields may not be properly protected by the hdev lock. If the hdev lock is not held, it is possible that the connection can be freed while still being accessed, leading to potential exploitation. To mitigate this risk, the critical section for the hci_dev_lock has been extended to cover all usage of connections, ensuring that concurrent access does not lead to instability or security breaches in Bluetooth operations.

Affected Version(s)

Linux 95118dd4edfec950898a00180c6f998df0a6406d < 59eecf0ffde15670e6a5e10c47be67f73d843b20

Linux 95118dd4edfec950898a00180c6f998df0a6406d < 5fb69e1eeea9d6cba80517e9f058b56b34bc3a81

Linux 95118dd4edfec950898a00180c6f998df0a6406d < 7cadb03be37e761130edb153544fe0770a842b19

References

https://git.kernel.org/stable/c/59eecf0ffde15670e6a5e10c4...

https://git.kernel.org/stable/c/5fb69e1eeea9d6cba80517e9f...

https://git.kernel.org/stable/c/7cadb03be37e761130edb1535...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43018 Data

JSON