CVE-2026-43134
HIGHBluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ This adds a check for encryption key size upon receiving L2CAP_LE_CONN_REQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAP_CR_LE_BAD_KEY_SIZE.
References (8)
Core 8
Core References
Scores
CVSS v3
8.1
EPSS
0.0018
EPSS Percentile
7.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Details
Status
published
Products (27)
linux/Kernel
3.14.0 - 5.10.252linux
linux/Kernel
5.11.0 - 5.15.202linux
linux/Kernel
5.16.0 - 6.1.165linux
linux/Kernel
6.13.0 - 6.18.16linux
linux/Kernel
6.19.0 - 6.19.6linux
linux/Kernel
6.2.0 - 6.6.128linux
linux/Kernel
6.7.0 - 6.12.75linux
Linux/Linux
< 3.14
Linux/Linux
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d - 138d7eca445ef37a0333425d269ee59900ca1104
Linux/Linux
27e2d4c8d28be1d1b4ecfbffab572d7dbd35254d - 335071c0c3637064ec250481f589075db44fe4e6
... and 17 more
Published
May 06, 2026
Tracked Since
May 06, 2026