CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-23151

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp_complete() where mgmt_pending_cmd structures are not freed after being removed from the pending list. Commit 302a1f674c00 ("Bluetooth: MGMT: Fix possible UAFs") replaced mgmt_pending_foreach() calls with individual command handling but missed adding mgmt_pending_free() calls in both error and success paths of set_ssp_complete(). Other completion functions like set_le_complete() were fixed correctly in the same commit. This causes a memory leak of the mgmt_pending_cmd structure and its associated parameter data for each SSP command that completes. Add the missing mgmt_pending_free(cmd) calls in both code paths to fix the memory leak. Also fix the same issue in set_advertising_complete().

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.5%

CVSS Severity

CVSS v3 Score 5.5

References

Products affected by CVE-2026-23151

Linux » Linux Kernel » Version: 6.12.59

cpe:2.3:o:linux:linux_kernel:6.12.59
Linux » Linux Kernel » Version: 6.12.60

cpe:2.3:o:linux:linux_kernel:6.12.60
Linux » Linux Kernel » Version: 6.12.61

cpe:2.3:o:linux:linux_kernel:6.12.61
Linux » Linux Kernel » Version: 6.12.62

cpe:2.3:o:linux:linux_kernel:6.12.62
Linux » Linux Kernel » Version: 6.12.63

cpe:2.3:o:linux:linux_kernel:6.12.63
Linux » Linux Kernel » Version: 6.12.64

cpe:2.3:o:linux:linux_kernel:6.12.64
Linux » Linux Kernel » Version: 6.12.65

cpe:2.3:o:linux:linux_kernel:6.12.65
Linux » Linux Kernel » Version: 6.12.66

cpe:2.3:o:linux:linux_kernel:6.12.66
Linux » Linux Kernel » Version: 6.12.67

cpe:2.3:o:linux:linux_kernel:6.12.67
Linux » Linux Kernel » Version: 6.12.68

cpe:2.3:o:linux:linux_kernel:6.12.68
Linux » Linux Kernel » Version: 6.16.10

cpe:2.3:o:linux:linux_kernel:6.16.10
Linux » Linux Kernel » Version: 6.16.11

cpe:2.3:o:linux:linux_kernel:6.16.11
Linux » Linux Kernel » Version: 6.16.12

cpe:2.3:o:linux:linux_kernel:6.16.12
Linux » Linux Kernel » Version: 6.17

cpe:2.3:o:linux:linux_kernel:6.17
Linux » Linux Kernel » Version: 6.17.1

cpe:2.3:o:linux:linux_kernel:6.17.1
Linux » Linux Kernel » Version: 6.17.10

cpe:2.3:o:linux:linux_kernel:6.17.10
Linux » Linux Kernel » Version: 6.17.11

cpe:2.3:o:linux:linux_kernel:6.17.11
Linux » Linux Kernel » Version: 6.17.12

cpe:2.3:o:linux:linux_kernel:6.17.12
Linux » Linux Kernel » Version: 6.17.13

cpe:2.3:o:linux:linux_kernel:6.17.13
Linux » Linux Kernel » Version: 6.17.2

cpe:2.3:o:linux:linux_kernel:6.17.2
Linux » Linux Kernel » Version: 6.17.3

cpe:2.3:o:linux:linux_kernel:6.17.3
Linux » Linux Kernel » Version: 6.17.4

cpe:2.3:o:linux:linux_kernel:6.17.4
Linux » Linux Kernel » Version: 6.17.5

cpe:2.3:o:linux:linux_kernel:6.17.5
Linux » Linux Kernel » Version: 6.17.6

cpe:2.3:o:linux:linux_kernel:6.17.6
Linux » Linux Kernel » Version: 6.17.7

cpe:2.3:o:linux:linux_kernel:6.17.7
Linux » Linux Kernel » Version: 6.17.8

cpe:2.3:o:linux:linux_kernel:6.17.8
Linux » Linux Kernel » Version: 6.17.9

cpe:2.3:o:linux:linux_kernel:6.17.9
Linux » Linux Kernel » Version: 6.18

cpe:2.3:o:linux:linux_kernel:6.18
Linux » Linux Kernel » Version: 6.18.1

cpe:2.3:o:linux:linux_kernel:6.18.1
Linux » Linux Kernel » Version: 6.18.2

cpe:2.3:o:linux:linux_kernel:6.18.2
Linux » Linux Kernel » Version: 6.18.3

cpe:2.3:o:linux:linux_kernel:6.18.3
Linux » Linux Kernel » Version: 6.18.4

cpe:2.3:o:linux:linux_kernel:6.18.4
Linux » Linux Kernel » Version: 6.18.5

cpe:2.3:o:linux:linux_kernel:6.18.5
Linux » Linux Kernel » Version: 6.18.6

cpe:2.3:o:linux:linux_kernel:6.18.6
Linux » Linux Kernel » Version: 6.18.7

cpe:2.3:o:linux:linux_kernel:6.18.7
Linux » Linux Kernel » Version: 6.18.8

cpe:2.3:o:linux:linux_kernel:6.18.8
Linux » Linux Kernel » Version: 6.19

cpe:2.3:o:linux:linux_kernel:6.19

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-23151

Products

Pricing

Contact Us