CVE-2026-31499

UNKNOWN 0.0

Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() l2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer and id_addr_timer while holding conn->lock. However, the work functions l2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire conn->lock, creating a potential AB-BA deadlock if the work is already executing when l2cap_conn_del() takes the lock. Move the work cancellations before acquiring conn->lock and use disable_delayed_work_sync() to additionally prevent the works from being rearmed after cancellation, consistent with the pattern used in hci_conn_del().

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 22, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

ab4eedb790cae44313759b50fe47da285e2519d5 < 3f26ecbd9cde621dd94be7ef252c7210b965a5c7 ab4eedb790cae44313759b50fe47da285e2519d5 < d008460de352e534f6721de829b093368564ec66 ab4eedb790cae44313759b50fe47da285e2519d5 < 00fdebbbc557a2fc21321ff2eaa22fd70c078608 efc30877bd4bc85fefe98d80af60fafc86e5775e f87271d21dd4ee83857ca11b94e7b4952749bbae 18ab6b6078fa8191ca30a3065d57bf35d5635761

Linux / Linux

6.14

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/3f26ecbd9cde621dd94be7ef252c7210b965a5c7 git.kernel.org: https://git.kernel.org/stable/c/d008460de352e534f6721de829b093368564ec66 git.kernel.org: https://git.kernel.org/stable/c/00fdebbbc557a2fc21321ff2eaa22fd70c078608