CVE-2026-10654 | zephyrproject zephyr up to 4.4.x RFCOMM Service rfcomm.c rfcomm_handle_disc race condition (GHSA-4m37-wp5x-hq4h)

SecurityVulns

A vulnerability identified as problematic has been detected in zephyrproject zephyr up to 4.4.x. Affected is the function rfcomm_handle_disc of the file subsys/bluetooth/host/classic/rfcomm.c of the component RFCOMM Service. Performing a manipulation results in race condition.

This vulnerability is identified as CVE-2026-10654. The attack can only be performed from the local network. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More