SB2026050952 - Improper access control in Linux kernel bluetooth



SB2026050952 - Improper access control in Linux kernel bluetooth

Published: May 9, 2026

Security Bulletin ID SB2026050952
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Adjecent network
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Improper access control (CVE-ID: CVE-2026-43334)

CWE-ID: CWE-284 - Improper Access Control

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to bypass man-in-the-middle protection during Bluetooth pairing.

The vulnerability exists due to improper access control in the Bluetooth SMP pairing response handling when processing a pairing request. A remote attacker can initiate a pairing request that omits MITM requirements to bypass man-in-the-middle protection during Bluetooth pairing.

Exploitation is possible when the local side requires high security and the selected pairing method becomes inconsistent with the responder's security policy.


Remediation

Install update from vendor's website.