CVE Catalog

CVE-2026-45836

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile - higher than 2% of all known CVEs

Summary

In the Linux kernel, a vulnerability was found in the Bluetooth L2CAP stack, leading to a null pointer dereference in the l2cap_sock_get_sndtimeo_cb() function. It lacked a NULL check that is already present in similar functions l2cap_sock_resume_cb() and l2cap_sock_ready_cb().

Risk Assessment

An attacker could exploit this vulnerability to cause a kernel panic or potentially escalate privileges, which could lead to system disruption or takeover.

Recommendation

Immediately update the Linux kernel to a version containing the fix that adds the missing NULL check in the l2cap_sock_get_sndtimeo_cb() function.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb() Add the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_sock_ready_cb().

Vulnerability data from NVD (NIST) · CISA KEV · EPSS