CVE-2026-43134

CVE Database · CVE-2026-43134

CVE-2026-43134

· HIGHAnalyzed

CVSS v3.1

8.1

EPSS

0.18%

Published

May 6, 2026

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ This adds a check for encryption key size upon receiving L2CAP_LE_CONN_REQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAP_CR_LE_BAD_KEY_SIZE.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products (8)

linux · linux_kernel (up to 5.10.252)vulnerable

linux · linux_kernel (up to 5.15.202)vulnerable

linux · linux_kernel (up to 6.1.165)vulnerable

linux · linux_kernel (up to 6.6.128)vulnerable

linux · linux_kernel (up to 6.12.75)vulnerable

linux · linux_kernel (up to 6.18.16)vulnerable

linux · linux_kernel (up to 6.19.6)vulnerable

linux · linux_kernelvulnerable

References (8)