VDB
CVE-2026-23299
CVE-2026-23299
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SO_TIMESTAMPING, SKBs may be queued into sk_error_queue and will stay there until consumed. If userspace never gets to read the timestamps, or if the controller is removed unexpectedly, these SKBs will leak. Fix by adding skb_queue_purge() calls for sk_error_queue in affected bluetooth destructors. RFCOMM does not currently use sk_error_queue.
EPSS 0.02% · 4.6th percentile
Risk Scores
EPSS Score
0.02%
4.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | *, 6.18.17, 6.19.7 |
| linux | linux_kernel | 6.15, 6.15, 6.15 |
Exploit Intelligence
- https://git.kernel.org/stable/c/2b6c942a526635f5c61d2f000258e620da32d3a7 (circl)
- https://git.kernel.org/stable/c/3de7c10a950b36affc692d8bd2ac713852580e56 (circl)
- https://git.kernel.org/stable/c/21e4271e65094172aadd5beb8caea95dd0fbf6d7 (circl)
- BELL-CVE-2026-23299.json (github-poc)
- BELL-CVE-2026-23299.json (github-poc)
- BELL-CVE-2026-23299.json (github-poc)
- BELL-CVE-2026-23299.json (github-poc)
- glcve_test.go (github-poc)
- glcve_test.go (github-poc)
- glcve_test.go (github-poc)
…and 1 more exploits
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 25, 2026 CVE Updated
- Mar 29, 2026 Security Advisory
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score