5.5

CVE-2026-45836

Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb()

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb()

Add the same NULL guard already present in
l2cap_sock_resume_cb() and l2cap_sock_ready_cb().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.13 < 5.10.258
LinuxLinux Kernel Version >= 5.11 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.90
LinuxLinux Kernel Version >= 6.13 < 6.18.30
LinuxLinux Kernel Version >= 6.19 < 7.0.7
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/cf1fd517f892ded88168df878f834b625133f86d
Patch
https://git.kernel.org/stable/c/58dc5e3d8768e121907608e6e196a908512fb083
Patch
https://git.kernel.org/stable/c/32bd343803d4ba47cc516f9d5f037f01b855d767
Patch
https://git.kernel.org/stable/c/a93d66907dd4d29b65c9797a93784bf61906d6d6
Patch
https://git.kernel.org/stable/c/78a88d43dab8d23aeef934ed8ce34d40e6b3d613
Patch
https://git.kernel.org/stable/c/6e8d1a2a677a81caa60cf0aabd4217bd585fbba1
Patch
https://git.kernel.org/stable/c/e1863e7480feddb90125d0dd5a1b572972d75908
Patch
https://git.kernel.org/stable/c/fd072f833147b0bc10c43a454624cb99d02f3fc7
Patch