CVE-2026-31497

UNKNOWN 0.0

Bluetooth: btusb: clamp SCO altsetting table indices

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: clamp SCO altsetting table indices btusb_work() maps the number of active SCO links to USB alternate settings through a three-entry lookup table when CVSD traffic uses transparent voice settings. The lookup currently indexes alts[] with data->sco_num - 1 without first constraining sco_num to the number of available table entries. While the table only defines alternate settings for up to three SCO links, data->sco_num comes from hci_conn_num() and is used directly. Cap the lookup to the last table entry before indexing it so the driver keeps selecting the highest supported alternate setting without reading past alts[].

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 22, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 312c4450fe23014665c163f480edd5ad2e27bbb8 baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 9dd13a8641de79bc1bc93da55cdd35259a002683 baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 476c9262b430c38c6a701a3b8176a3f48689085b baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 6fba3c3d48c927e55611a0f5ea34da88138ed0ff baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 834cf890d2c3d29cbfa1ee2376c40469c28ec297 baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 1019028eb124564cf7bca58a16f1df8a1ca30726 baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 21c254202f9d78abe0fcd642a92966deb92bd226 baac6276c0a9f36f1fe1f00590ef00d2ba5ba626 < 129fa608b6ad08b8ab7178eeb2ec272c993aaccc

Linux / Linux

5.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗