Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SO_TIMESTAMPING, SKBs may be queued into sk_error_queue and will stay there until consumed. If userspace never gets to read the timestamps, or if the controller is removed unexpectedly, these SKBs will leak. Fix by adding skb_queue_purge() calls for sk_error_queue in affected bluetooth destructors. RFCOMM does not currently use sk_error_queue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 2.3%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2026-23299


Contact Us

Shodan ® - All rights reserved