5.5

CVE-2026-31497

Bluetooth: btusb: clamp SCO altsetting table indices

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btusb: clamp SCO altsetting table indices

btusb_work() maps the number of active SCO links to USB alternate
settings through a three-entry lookup table when CVSD traffic uses
transparent voice settings. The lookup currently indexes alts[] with
data->sco_num - 1 without first constraining sco_num to the number of
available table entries.

While the table only defines alternate settings for up to three SCO
links, data->sco_num comes from hci_conn_num() and is used directly.
Cap the lookup to the last table entry before indexing it so the
driver keeps selecting the highest supported alternate setting without
reading past alts[].
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.8.1 < 5.10.253
LinuxLinux Kernel Version >= 5.11 < 5.15.203
LinuxLinux Kernel Version >= 5.16 < 6.1.168
LinuxLinux Kernel Version >= 6.2 < 6.6.131
LinuxLinux Kernel Version >= 6.7 < 6.12.80
LinuxLinux Kernel Version >= 6.13 < 6.18.21
LinuxLinux Kernel Version >= 6.19 < 6.19.11
LinuxLinux Kernel Version5.8 Update-
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/1019028eb124564cf7bca58a16f1df8a1ca30726
Patch
https://git.kernel.org/stable/c/129fa608b6ad08b8ab7178eeb2ec272c993aaccc
Patch
https://git.kernel.org/stable/c/21c254202f9d78abe0fcd642a92966deb92bd226
Patch
https://git.kernel.org/stable/c/312c4450fe23014665c163f480edd5ad2e27bbb8
Patch
https://git.kernel.org/stable/c/476c9262b430c38c6a701a3b8176a3f48689085b
Patch
https://git.kernel.org/stable/c/6fba3c3d48c927e55611a0f5ea34da88138ed0ff
Patch
https://git.kernel.org/stable/c/834cf890d2c3d29cbfa1ee2376c40469c28ec297
Patch
https://git.kernel.org/stable/c/9dd13a8641de79bc1bc93da55cdd35259a002683
Patch