๐Ÿ” CVE Alert

CVE-2026-53254

UNKNOWN 0.0

Bluetooth: RFCOMM: validate skb length in MCC handlers

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb->data to protocol-specific structs without validating skb->len first. A malicious remote device can send truncated MCC frames and trigger out-of-bounds reads in these handlers. Fix this by using skb_pull_data() to validate and access the required data before dereferencing it. rfcomm_recv_rpn() requires special handling since ETSI TS 07.10 allows 1-byte RPN requests. Handle this by validating only the DLCI byte first, and validating the full struct only when len > 1.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Jun 25, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7c15c7c2878957cbfed93bcc29c13fdace464254 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0d637136ce89f9a2309b2c3502402ce400dab0ef 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 98377e6b1a1a56561ec66a181573ea2b61b2079e 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1b070ac9e99c2c2c3a8112943ca98ab6fca7f10c 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3eabc6d47a0ad22b053329997aaf0ec1e581e392 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 08b9c1fbe78f4ad3f6250c6541cfaabdbeb81997 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 23882b828c3c8c51d0c946446a396b10abb3b16b
Linux / Linux
2.6.12

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/7c15c7c2878957cbfed93bcc29c13fdace464254 git.kernel.org: https://git.kernel.org/stable/c/0d637136ce89f9a2309b2c3502402ce400dab0ef git.kernel.org: https://git.kernel.org/stable/c/98377e6b1a1a56561ec66a181573ea2b61b2079e git.kernel.org: https://git.kernel.org/stable/c/1b070ac9e99c2c2c3a8112943ca98ab6fca7f10c git.kernel.org: https://git.kernel.org/stable/c/3eabc6d47a0ad22b053329997aaf0ec1e581e392 git.kernel.org: https://git.kernel.org/stable/c/08b9c1fbe78f4ad3f6250c6541cfaabdbeb81997 git.kernel.org: https://git.kernel.org/stable/c/23882b828c3c8c51d0c946446a396b10abb3b16b