Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-43134— Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ

CVSS 8.1 · High EPSS 0.18% · P7

Possible ATT&CK Techniques 1AI

T1510

Affected Version Matrix 18

VendorProductVersion RangeStatus
LinuxLinux27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< 335071c0c3637064ec250481f589075db44fe4e6affected
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< fa6ad76fa8623c0a50d529cd5726fa5d819a3be4affected
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< 9118601ff90b79e8df3c0c98f48ae00c1b02ecefaffected
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< 481ea39b342c347b6ac029f3d418486280be4e45affected
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< ec91078e132179b04e0c3906b599816c056ceaadaffected
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< 96581749c7c14fbec32c35728520867929600041affected
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< 8dd43f9a9323f9c01bc8246da8d81a4c783c9e97affected
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d< 138d7eca445ef37a0333425d269ee59900ca1104affected
… +10 more rows
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-43134

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ This adds a check for encryption key size upon receiving L2CAP_LE_CONN_REQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAP_CR_LE_BAD_KEY_SIZE.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于Bluetooth L2CAP中缺少加密密钥大小检查,可能导致不符合预期行为。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d ~ 335071c0c3637064ec250481f589075db44fe4e6 -
LinuxLinux 3.14 -

II. Public POCs for CVE-2026-43134

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-43134

登录查看更多情报信息。

Patches & Fixes for CVE-2026-43134 (8)

Same Patch Batch · Linux · 2026-05-06 · 224 CVEs total

CVE-2026-431859.8 CRITICALksmbd: fix signededness bug in smb_direct_prepare_negotiation()
CVE-2026-431869.8 CRITICALipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()
CVE-2026-432089.8 CRITICALnet: do not pass flow_id to set_rps_cpu()
CVE-2026-431989.8 CRITICALtcp: fix potential race in tcp_v6_syn_recv_sock()
CVE-2026-431259.8 CRITICALdlm: validate length in dlm_search_rsb_tree
CVE-2026-431149.4 CRITICALnetfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry
CVE-2026-430839.1 CRITICALnet: ioam6: fix OOB and missing lock
CVE-2026-431179.1 CRITICALbtrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file()
CVE-2026-431979.1 CRITICALnetconsole: avoid OOB reads, msg is not nul-terminated
CVE-2026-432328.8 HIGHnet: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets
CVE-2026-431128.8 HIGHfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath
CVE-2026-431138.8 HIGHwifi: wl1251: validate packet IDs before indexing tx_frames
CVE-2026-431108.8 HIGHwifi: brcmfmac: validate bsscfg indices in IF events
CVE-2026-431878.8 HIGHxfs: delete attr leaf freemap entries when empty
CVE-2026-432158.8 HIGHcifs: Fix locking usage for tcon fields
CVE-2026-431768.8 HIGHwifi: rtw89: pci: validate release report content before using for RTL8922DE
CVE-2026-432838.8 HIGHnet: ethernet: ec_bhf: Fix dma_free_coherent() dma handle
CVE-2026-432498.8 HIGH9p/xen: protect xen_9pfs_front_free against concurrent calls
CVE-2026-431588.8 HIGHxfs: fix freemap adjustments when adding xattrs to leaf blocks
CVE-2026-431728.8 HIGHwifi: iwlwifi: fix 22000 series SMEM parsing

Showing top 20 of 224 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2026-43134

No comments yet


Leave a comment