CVE-2026-53071

UNKNOWN 0.0

Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp l2cap_ecred_reconf_rsp() calls l2cap_chan_del() without holding l2cap_chan_lock(). Every other l2cap_chan_del() caller in the file acquires the lock first. A remote BLE device can send a crafted L2CAP ECRED reconfiguration response to corrupt the channel list while another thread is iterating it. Add l2cap_chan_hold() and l2cap_chan_lock() before l2cap_chan_del(), and l2cap_chan_unlock() and l2cap_chan_put() after, matching the pattern used in l2cap_ecred_conn_rsp() and l2cap_conn_del().

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 24, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

15f02b91056253e8cdc592888f431da0731337b8 < 96dca51715d86559ed6ed8028e5445cecb80f3ae 15f02b91056253e8cdc592888f431da0731337b8 < 330b20ec97916961ee0e6c29c06bc0fa7c96e64c 15f02b91056253e8cdc592888f431da0731337b8 < 0ccd75c51f620374086f359e906917676e699a1c 15f02b91056253e8cdc592888f431da0731337b8 < 77a853aec710b2fdf41fa298ea3cbc9a4358f917 15f02b91056253e8cdc592888f431da0731337b8 < fe1188abdae9b7a8199dcdfcf9244d5e5d61eb14 15f02b91056253e8cdc592888f431da0731337b8 < dc89961b76f12aff47124c1df4bdb32a080f4d0c 15f02b91056253e8cdc592888f431da0731337b8 < 5501d055a1ce3c747141e3955ba8cf034d193f3e 15f02b91056253e8cdc592888f431da0731337b8 < 42776497cdbc9a665b384a6dcb85f0d4bd927eab

Linux / Linux

5.7

References

NVD ↗ CVE.org ↗ EPSS Data ↗