CVE-2026-43019
HIGH
7.8
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Description
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync
hci_conn lookup and field access must be covered by hdev lock in
set_cig_params_sync, otherwise it's possible it is freed concurrently.
Take hdev lock to prevent hci_conn from being deleted or modified
concurrently. Just RCU lock is not suitable here, as we also want to
avoid 'tearing' in the configuration.
EPSS (Exploit Prediction Scoring System)
Predicts the probability of exploitation based on threat intelligence and vulnerability characteristics.
EPSS Score
0.0001
Percentile
0.0th
Updated
Single Data Point
Only one EPSS measurement is available for this CVE. Trend analysis requires multiple data points over time.
https://git.kernel.org/stable/c/66d432e9b45bae7881ffcdb12cd8fd0bf254ef02
https://git.kernel.org/stable/c/7d568fede8eac91161a60b710aa920abe9b0fb9f
https://git.kernel.org/stable/c/a2639a7f0f5bf7d73f337f8f077c19415c62ed2c
https://git.kernel.org/stable/c/bad65b4b0a96139f023eadc28a33125963208449