Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup and field access must be covered by hdev lock in set_cig_params_sync, otherwise it's possible it is freed concurrently. Take hdev lock to prevent hci_conn from being deleted or modified concurrently. Just RCU lock is not suitable here, as we also want to avoid "tearing" in the configuration.

INFO

Published Date :

2026-05-01T14:15:23.035Z

Last Modified :

2026-05-03T05:46:06.840Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-43019 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-43019.

URL Resource
https://git.kernel.org/stable/c/66d432e9b45bae7881ffcdb12cd8fd0bf254ef02 cve-icon cve-icon
https://git.kernel.org/stable/c/7d568fede8eac91161a60b710aa920abe9b0fb9f cve-icon cve-icon
https://git.kernel.org/stable/c/a2639a7f0f5bf7d73f337f8f077c19415c62ed2c cve-icon cve-icon
https://git.kernel.org/stable/c/bad65b4b0a96139f023eadc28a33125963208449 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026050157-CVE-2026-43019-0c5c@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-43019 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-43019 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact