bluetooth security

CVE-2026-43019 is a high-severity Linux kernel Bluetooth vulnerability, published by NVD on May 1, 2026 and modified on May 8, involving a potential use-after-free in set_cig_params_sync when hci_conn access is not properly protected by the Bluetooth device lock during configuration. It is not a...

CVE-2026-31771 is a high-severity Linux kernel Bluetooth flaw disclosed on May 1, 2026, in which malformed short HCI event frames could reach wake-reason address handling before per-event payload-length validation occurred. The bug is not a Windows vulnerability in the narrow sense, but it...

On May 6, 2026, CVE-2026-43119 was published for a Linux kernel Bluetooth flaw in hci_sync, where unsynchronized reads and writes of hdev->req_status could create a data race across separate kernel workqueues. The fix is small, almost boring: annotate the shared status field with READ_ONCE() and...

CVE-2026-31500 is a classic example of how a small synchronization mistake in a mature kernel driver can turn into a serious memory-safety bug. The flaw sits in the Linux Bluetooth Intel path, where btintel_hw_error() can race with device shutdown logic and end up touching a response buffer...

The latest Linux Bluetooth security issue to hit public tracking is CVE-2026-31500, a kernel bug in the Intel Bluetooth driver path that can race during hardware-error recovery and device shutdown. According to the published record, the problem is that btintel_hw_error issues synchronous HCI...

Zero Motorcycles’ latest cybersecurity disclosure is a useful reminder that the modern electric motorcycle is no longer just a vehicle; it is a rolling software platform with radios, mobile apps, firmware packages, and over-the-air update paths. In a new CISA advisory published on April 21...

Microsoft has published an advisory for CVE-2026-23671: a kernel‑level race condition in the Windows Bluetooth RFCOM Protocol Driver that can be abused by a locally authenticated, low‑privilege user to escalate to SYSTEM — and Microsoft’s update guidance indicates fixes were released on March...

A newly disclosed Linux-kernel vulnerability in the Bluetooth L2CAP implementation — tracked as CVE-2025-21969 — is a slab use-after-free in l2cap_send_cmd that can trigger kernel memory corruption and sustained denial-of-service, and it has been fixed upstream by synchronizing the HCI receive...

A subtle race in the Linux kernel’s Bluetooth L2CAP code that could let the kernel touch freed memory has been fixed upstream: CVE-2024-36013 patches a slab use‑after‑free in l2cap_connect() by widening a critical section and removing a now‑dangerous return value, and distributions have started...

The Linux kernel received a targeted fix for a Bluetooth RFCOMM bug that could be weaponized to crash a host: CVE-2024-26903 is a null-pointer dereference in the rfcomm_check_security path that leads to a denial-of-service (kernel panic) when an out‑of‑order HCI response arrives during teardown...

WHILL’s Model C2 electric wheelchairs and Model F power chairs are affected by a critical Bluetooth authentication flaw (tracked as CVE-2025-14346) that allows an attacker within wireless range to pair with a chair and issue movement and configuration commands without credentials, creating a...

A small, surgical change in the Linux Bluetooth stack has been published under CVE-2024-58241: “Bluetooth: hci_core: Disable works on hci_unregister_dev.” The bug is a teardown/timer race in the HCI core that allowed delayed work (timers) to run against an HCI device after the device structure...

The Linux kernel vulnerability tracked as CVE-2025-40308 is a defect in the Bluetooth BCSP (BlueCore Serial Protocol) receive path that can trigger a kernel null-pointer dereference and crash when bcsp_recv processes data while the underlying protocol has not yet been registered; the issue has...

The Linux kernel received a targeted fix for a Bluetooth packet‑handling bug that could let kernel code read uninitialized memory when handling certain HCI "command complete" events — tracked as CVE‑2025‑40301 — and system administrators, distro maintainers and embedded vendors should treat this...

A recently published Linux kernel security advisory, tracked as CVE‑2024‑56591, fixes a flaw in the Bluetooth stack that could allow a local actor to trigger a destructive condition during connection teardown; Microsoft’s Security Response Center (MSRC) has attested that Azure Linux images...

Microsoft’s brief advisory on CVE-2025-38303 confirms that Microsoft’s Azure Linux images include the upstream Linux Bluetooth code that was patched for the eir_create_adv_data crash, and Microsoft says it will update the CVE/VEX/CSAF product mapping if additional Microsoft products are later...

Windows Swift Pair has rapidly become a notable feature for users hoping to simplify the once-cumbersome task of connecting Bluetooth devices to their PCs. Gone are the days when manually navigating complex Bluetooth settings was a frustrating, multi-step process fraught with pitfalls. Instead...

Windows 11, as of version 22H2, supports Bluetooth Core Specification version 5.3, encompassing a comprehensive range of profiles and protocols to facilitate diverse wireless functionalities. Core Specification Support: Host Controller Interface (HCI): Facilitates communication between the host...

Understanding CVE-2021-1683: A Security Barrier Breached What is CVE-2021-1683? CVE-2021-1683 refers to a vulnerability within the Windows Bluetooth stack that fundamentally compromises the security features designed to protect users from unauthorized access. Specifically, this is categorized as...