Concurrency Issue in Linux Kernel Bluetooth Component
CVE-2026-43019
What is CVE-2026-43019?
A vulnerability exists in the Bluetooth component of the Linux kernel, in how set_cig_params_sync handles the hci_conn structure. The locking is inadequate: if the hdev lock is not properly acquired, hci_conn can be freed concurrently while it is still in use. This can lead to a use-after-free (UAF) condition that malicious actors could potentially exploit. Mitigating the risk requires proper locking so that hci_conn cannot be modified or deleted concurrently, which avoids potential data corruption or system instability.
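The locking rule described above, as an added user-space C model (not kernel code and not taken from the advisory or the kernel fix). The names `struct conn`, `struct dev`, `conn_del`, `set_params_racy` and `set_params_locked` are hypothetical stand-ins, and a pthread mutex plays the role of the hdev lock.

```c
#include <errno.h>
#include <pthread.h>
#include <stdint.h>
#include <stdlib.h>

/* User-space model only: every name below is hypothetical, not kernel code. */
struct conn { uint8_t cig; uint16_t interval; struct conn *next; };
struct dev { pthread_mutex_t lock; struct conn *conns; }; /* lock models the hdev lock */
void dev_init(struct dev *d) { pthread_mutex_init(&d->lock, NULL); d->conns = NULL; }
/* List walk; only safe while d->lock is held. */
static struct conn *conn_lookup(struct dev *d, uint8_t cig) {
    struct conn *c = d->conns;
    while (c && c->cig != cig) c = c->next;
    return c;
}
int conn_add(struct dev *d, uint8_t cig, uint16_t interval) {
    struct conn *c = malloc(sizeof(*c));
    if (!c) return -ENOMEM;
    c->cig = cig; c->interval = interval;
    pthread_mutex_lock(&d->lock);
    c->next = d->conns; d->conns = c;
    pthread_mutex_unlock(&d->lock);
    return 0;
}
/* Teardown path: unlinks and frees the connection under the lock. */
void conn_del(struct dev *d, uint8_t cig) {
    pthread_mutex_lock(&d->lock);
    for (struct conn **p = &d->conns; *p; p = &(*p)->next)
        if ((*p)->cig == cig) { struct conn *c = *p; *p = c->next; free(c); break; }
    pthread_mutex_unlock(&d->lock);
}

/* Racy shape: no lock held, so conn_del() on another thread can free c first. */
int set_params_racy(struct dev *d, uint8_t cig, uint16_t *out) {
    struct conn *c = conn_lookup(d, cig);
    if (!c) return -ENOENT;
    *out = c->interval; /* possible use after free */
    return 0;
}

/* Hardened shape: lookup and every dereference share one critical section. */
int set_params_locked(struct dev *d, uint8_t cig, uint16_t *out) {
    int ret = -ENOENT;
    pthread_mutex_lock(&d->lock);
    struct conn *c = conn_lookup(d, cig);
    if (c) { *out = c->interval; ret = 0; }
    pthread_mutex_unlock(&d->lock);
    return ret;
}
```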
Affected Version(s)
Linux a091289218202bc09d9b9caa8afcde1018584aec < 66d432e9b45bae7881ffcdb12cd8fd0bf254ef02
Linux a091289218202bc09d9b9caa8afcde1018584aec < 7d568fede8eac91161a60b710aa920abe9b0fb9f
Linux a091289218202bc09d9b9caa8afcde1018584aec