Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb()
Summary
| CVE | CVE-2026-45836 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-05-26 17:16:50 UTC |
| Updated | 2026-06-01 17:17:11 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb() Add the same NULL guard already present in l2cap_sock_resume_cb() and l2cap_sock_ready_cb(). |
Risk And Classification
EPSS: 0.000240000 probability, percentile 0.070110000 (date 2026-06-01)
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 fd072f833147b0bc10c43a454624cb99d02f3fc7 git | Not specified |
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 6e8d1a2a677a81caa60cf0aabd4217bd585fbba1 git | Not specified |
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 e1863e7480feddb90125d0dd5a1b572972d75908 git | Not specified |
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 cf1fd517f892ded88168df878f834b625133f86d git | Not specified |
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 58dc5e3d8768e121907608e6e196a908512fb083 git | Not specified |
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 32bd343803d4ba47cc516f9d5f037f01b855d767 git | Not specified |
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 a93d66907dd4d29b65c9797a93784bf61906d6d6 git | Not specified |
| CNA | Linux | Linux | affected 8d836d71e2223b8961b21112bb4ce89ef8231682 78a88d43dab8d23aeef934ed8ce34d40e6b3d613 git | Not specified |
| CNA | Linux | Linux | affected 3.13 | Not specified |
| CNA | Linux | Linux | unaffected 3.13 semver | Not specified |
| CNA | Linux | Linux | unaffected 5.10.258 5.10.* semver | Not specified |
| CNA | Linux | Linux | unaffected 5.15.209 5.15.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.175 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.140 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.90 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.30 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0.7 7.0.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.1-rc3 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/58dc5e3d8768e121907608e6e196a908512fb083 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/78a88d43dab8d23aeef934ed8ce34d40e6b3d613 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/a93d66907dd4d29b65c9797a93784bf61906d6d6 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/cf1fd517f892ded88168df878f834b625133f86d | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/32bd343803d4ba47cc516f9d5f037f01b855d767 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/fd072f833147b0bc10c43a454624cb99d02f3fc7 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/6e8d1a2a677a81caa60cf0aabd4217bd585fbba1 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/e1863e7480feddb90125d0dd5a1b572972d75908 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.