CVE-2026-31511
Published: Apr 22, 2026
Modified: May 23, 2026
CVSS v3.1
7.8
Description
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete This fixes the condition checking so mgmt_pending_valid is executed whenever status != -ECANCELED otherwise calling mgmt_pending_free(cmd) would kfree(cmd) without unlinking it from the list first, leaving a dangling pointer. Any subsequent list traversal (e.g., mgmt_pending_foreach during __mgmt_power_off, or another mgmt_pending_valid call) would dereference freed memory.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0b60eb04b8524e1b4b3f07fea0d16fda9a677d9a - < 2074dfffad76981ca451cb7fc98703d04ac562feaffected d71b98f253b079cbadc83266383f26fe7e9e103b - < 340666172cf747de58c283d2eef1f335f050538baffected 302a1f674c00dd5581ab8e493ef44767c5101aab - < bafec9325d4de26b6c49db75b5d5172de652aae0affected 302a1f674c00dd5581ab8e493ef44767c5101aab - < 3a89c33deffb3cb7877a7ea2e50734cd12b064f2affected 302a1f674c00dd5581ab8e493ef44767c5101aab - < 5f5fa4cd35f707344f65ce9e225b6528691dbbaa+3 more versions |
Linux | Linux | affected 6.17unaffected 0 - < 6.17unaffected 6.12.80 - <= 6.12.*unaffected 6.18.21 - <= 6.18.*unaffected 6.19.11 - <= 6.19.*+1 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now