CVE-2026-53251
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk7th percentile - higher than 7% of all known CVEs
Summary
In the Linux kernel Bluetooth ISO subsystem, a reference leak of the hci_dev structure was found. The iso_conn_big_sync function fails to release the reference obtained by hci_get_route(), leading to memory exhaustion.
Risk Assessment
The organization is at risk of gradual kernel memory exhaustion when using Bluetooth ISO functionality, potentially causing system crashes or performance degradation.
Recommendation
Immediately update the Linux kernel to a version containing the fix that releases the reference leak in the iso_conn_big_sync function.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync hci_get_route() returns a reference-counted hci_dev pointer via hci_dev_hold(). The function exits normally or with an error without ever releasing it.

