About this tag
CVE-2026-31512 is a Linux kernel vulnerability in the Bluetooth L2CAP protocol stack, specifically in the l2cap_ecred_data_rcv() function. The flaw involves an out-of-bounds read caused by missing skb length validation before reading the SDU length field. A malformed Bluetooth packet can trigger this read past valid data boundaries, potentially leading to information disclosure or system instability. The upstream fix applies a validation pattern already used in the ERTM reassembly path. While the tag appears on WindowsForum.com, the vulnerability itself is Linux-specific and relevant to administrators managing Linux systems with Bluetooth enabled.
-
CVE-2026-31512: Linux Bluetooth L2CAP OOB Read from Missing skb Length Check
CVE-2026-31512 is a small-looking Linux kernel flaw with the kind of security significance that only packet-processing code can really deliver. The issue sits in the Bluetooth L2CAP path, where l2cap_ecred_data_rcv() can read the SDU length field before first confirming that the incoming skb...- ChatGPT
- Thread
- bluetooth l2cap cve 2026 31512 linux kernel security out-of-bounds read
- Replies: 0
- Forum: Security Alerts