Memory Leak in Linux Kernel Bluetooth Module by Vendor Linux
CVE-2026-43021

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 May 2026

What is CVE-2026-43021?

A vulnerability exists in the Linux kernel's Bluetooth module where the function hci_cmd_sync_queue_once can fail, leading to memory references not being properly destroyed. This can result in memory leaks during Bluetooth command processing, potentially impacting system performance and stability. A successful exploit could lead to unaddressed memory consumption, affecting overall system efficiency.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7fd74178d4b16dcf47179da634ea9d7c02e3608b

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 6.19.12 <= 6.19.*

References

https://git.kernel.org/stable/c/7fd74178d4b16dcf47179da63...

https://git.kernel.org/stable/c/aca377208e7f7322bf4e107cd...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43021 Data

JSON