Bluetooth BNEP Vulnerability in Linux Kernel
CVE-2026-53253

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 June 2026

What is CVE-2026-53253?

A vulnerability in the Bluetooth Network Encapsulation Protocol (BNEP) of the Linux kernel allows malicious entities to send short BNEP Service Data Units (SDUs), leading to potential buffer overflow scenarios. Specifically, the bnep_rx_frame() function reads packet type bytes and control opcodes without verifying the presence of data, which can result in dereferencing null pointers. This vulnerability affects control payload handling, where improper reading and parsing of data structures can be exploited, resulting in system instability or unexpected behaviors.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0ef2ea86c82b2615902d085cd5a586fe9f58994f

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2b83afb19293e4de700edae306115f18966dc4f9

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 691f14b6a48b637655755134f1e551c7c6fedc2e

References

https://git.kernel.org/stable/c/0ef2ea86c82b2615902d085cd...

https://git.kernel.org/stable/c/2b83afb19293e4de700edae30...

https://git.kernel.org/stable/c/691f14b6a48b637655755134f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-53253 Data

JSON