CVE-2026-46123 | Linux Kernel up to 7.1-rc2 Bluetooth virtbt_rx_work length uninitialized pointer

May 28, 2026 Yanac

A vulnerability has been found in Linux Kernel up to 6.6.139/6.12.87/6.18.29/7.0.6/7.1-rc2 and classified as critical. This affects the function virtbt_rx_work of the component Bluetooth. Performing a manipulation of the argument length results in uninitialized pointer.

This vulnerability is identified as CVE-2026-46123. The attack can only be performed from the local network. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More