Null Pointer Dereference in Linux Kernel Bluetooth Component
CVE-2026-45836

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 May 2026

What is CVE-2026-45836?

A vulnerability within the Bluetooth subsystem of the Linux kernel can lead to a null pointer dereference in specific socket callbacks. This issue occurs in the L2CAP (Logical Link Control and Adaptation Protocol) layer, potentially causing application crashes or denial of service. The vulnerability has been addressed by adding necessary null checks to prevent the dereference of a null pointer, enhancing the stability and security of Bluetooth operations within the affected Linux kernel versions.

Affected Version(s)

Linux 8d836d71e2223b8961b21112bb4ce89ef8231682

Linux 8d836d71e2223b8961b21112bb4ce89ef8231682 < 58dc5e3d8768e121907608e6e196a908512fb083

Linux 8d836d71e2223b8961b21112bb4ce89ef8231682 < 32bd343803d4ba47cc516f9d5f037f01b855d767

References

https://git.kernel.org/stable/c/cf1fd517f892ded88168df878...

https://git.kernel.org/stable/c/58dc5e3d8768e121907608e6e...

https://git.kernel.org/stable/c/32bd343803d4ba47cc516f9d5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-45836 Data

JSON