CVE-2026-53358
Enriched by CISA
In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen()

l2cap_chan_close() removes the channel from conn->chan_l, which must be done under conn->lock. cleanup_listen() runs under the parent sk_lock, so acquiring conn->lock would invert the established conn->lock -> chan->lock -> sk_lock order.

Instead of calling l2cap_chan_close() directly, schedule l2cap_chan_timeout with delay 0 to close the channel asynchronously. The timeout handler already acquires conn->lock and chan->lock in the correct order.

The timer is only armed when chan->conn is still set: if it is already NULL, l2cap_conn_del() has already processed this channel (l2cap_chan_del + l2cap_sock_teardown_cb + l2cap_sock_close_cb), so there is nothing left to do. If l2cap_conn_del() races in after the timer is armed, __clear_chan_timer() inside l2cap_chan_del() cancels it; if the timer has already fired, the handler returns harmlessly because chan->conn was cleared.
https://nvd.nist.gov/vuln/detail/CVE-2026-53358
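
The lock-order argument above, as an added example that is not the kernel patch or code from this page: a single-threaded C model in which ranked locks stand in for conn->lock, chan->lock and sk_lock, and a flag stands in for the channel timer. All function and struct names here (lock, chan_unlink, cleanup_direct, cleanup_deferred, timer_fire, run) are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Ranks model the documented order: conn->lock -> chan->lock -> sk_lock. */
enum { CONN_LOCK = 1, CHAN_LOCK = 2, SK_LOCK = 3 };
static int held[8], depth, violations;

static void lock(int rank) {
    for (int i = 0; i < depth; i++)
        if (held[i] > rank) { violations++; break; } /* outer lock taken under an inner one */
    held[depth++] = rank;
}
static void unlock(void) { depth--; }

struct conn { int nchan; };
struct chan { struct conn *conn; int timer_armed; };

/* Unlinks the channel from its connection; models both the close path
 * and connection teardown. Takes the locks in the documented order. */
static void chan_unlink(struct chan *c) {
    struct conn *conn = c->conn;
    if (!conn) return;                 /* already torn down: nothing left to do */
    lock(CONN_LOCK); lock(CHAN_LOCK);
    conn->nchan--; c->conn = NULL; c->timer_armed = 0; /* also cancels a pending timer */
    unlock(); unlock();
}
/* Timer handler: runs later, with no locks held on entry. */
static void timer_fire(struct chan *c) { if (c->timer_armed) chan_unlink(c); }

/* "Before": close directly while the parent sk_lock is held. */
static void cleanup_direct(struct chan *c) { lock(SK_LOCK); chan_unlink(c); unlock(); }
/* "After": under sk_lock only arm the timer, and only if conn is still set. */
static void cleanup_deferred(struct chan *c) {
    lock(SK_LOCK); if (c->conn) c->timer_armed = 1; unlock();
}

/* mode 0: direct close; 1: deferred close; 2: teardown races in before the timer fires.
 * Returns the number of lock-order violations; *nchan_left gets the channel count. */
int run(int mode, int *nchan_left) {
    struct conn conn = { 1 }; struct chan ch = { &conn, 0 };
    depth = violations = 0;
    if (mode == 0) cleanup_direct(&ch);
    else { cleanup_deferred(&ch); if (mode == 2) chan_unlink(&ch); timer_fire(&ch); }
    *nchan_left = conn.nchan;
    return violations;
}

int main(void) {
    for (int m = 0, n; m < 3; m++) { int v = run(m, &n); printf("mode %d: %d violations, %d channels left\n", m, v, n); }
    return 0;
}
```

The model only checks acquisition order, as a lockdep-style rank check would; it does not reproduce real concurrency or the kernel's timer API.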
AFFECTED (from MITRE)
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | |
| Linux | Linux | |

© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 5.10.259 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 5.15.210 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 6.1.176 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 6.6.143 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 6.12.93 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 6.18.35 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 7.0.12 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 3.4 | < 7.1 |
REMEDIATION
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
| No known exploits |
Other Nist (github, ...)
| Url |
|---|
| No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
