Improper access control in Linux kernel - CVE-2026-43334

 

Published: May 9, 2026


Vulnerability identifier: #VU130844
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-43334
CWE-ID: CWE-284
Exploitation vector: Adjacent network
Exploit availability: No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass man-in-the-middle protection during Bluetooth pairing.

The vulnerability exists due to improper access control in the Bluetooth SMP pairing response handling when processing a pairing request. A remote attacker can initiate a pairing request that omits MITM requirements to bypass man-in-the-middle protection during Bluetooth pairing.

Exploitation is possible when the local side requires high security and the selected pairing method becomes inconsistent with the responder's security policy.
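The condition described above can be pictured as a responder-side policy check. The C example below is an added illustration, not the kernel's code and not the vendor's fix: it folds the local MITM requirement into the AuthReq value before any pairing method is chosen and rejects a request that could only end in Just Works. The function name, its signature and the sample PDUs are assumptions constructed for this example; the opcode, bit and reason-code values are those of the Bluetooth Core Specification's Security Manager Protocol.

```c
#include <stddef.h>
#include <stdint.h>

/* Values from the Bluetooth Core Specification, Security Manager Protocol. */
#define SMP_CMD_PAIRING_REQ    0x01 /* Pairing Request opcode */
#define SMP_AUTH_MITM          0x04 /* MITM bit in the AuthReq octet */
#define SMP_IO_NO_INPUT_OUTPUT 0x03 /* IO capability: NoInputNoOutput */
#define SMP_AUTH_REQUIREMENTS  0x03 /* Pairing Failed: Authentication Requirements */
#define SMP_INVALID_PARAMS     0x0a /* Pairing Failed: Invalid Parameters */

/* Constructed sample PDUs (not captured traffic): AuthReq 0x01 = bonding, MITM clear. */
const uint8_t REQ_NO_MITM_KBD[7]  = {0x01, 0x04, 0x00, 0x01, 0x10, 0x07, 0x07};
const uint8_t REQ_NO_MITM_NOIO[7] = {0x01, 0x03, 0x00, 0x01, 0x10, 0x07, 0x07};

/* Hypothetical helper (name and signature are assumptions for this example).
 * Returns 0 to continue pairing, or an SMP Pairing Failed reason code. */
int smp_check_pairing_req(const uint8_t *pdu, size_t len,
                          int local_requires_mitm, uint8_t local_io,
                          uint8_t *effective_auth)
{
    /* Pairing Request: opcode, io_capability, oob_flag, auth_req,
     * max_key_size, init_key_dist, resp_key_dist (7 octets). */
    if (!pdu || !effective_auth || len != 7 || pdu[0] != SMP_CMD_PAIRING_REQ)
        return SMP_INVALID_PARAMS;

    uint8_t remote_io = pdu[1];
    uint8_t auth = pdu[3];

    /* Fold the local policy in before a method is chosen, so a request
     * that leaves the MITM bit clear cannot decide the outcome alone. */
    if (local_requires_mitm)
        auth |= SMP_AUTH_MITM;
    *effective_auth = auth;

    /* NoInputNoOutput on either side always yields Just Works, which is
     * unauthenticated. Other IO combinations are not modelled here. */
    if (local_requires_mitm && (remote_io == SMP_IO_NO_INPUT_OUTPUT ||
                                local_io == SMP_IO_NO_INPUT_OUTPUT))
        return SMP_AUTH_REQUIREMENTS;
    return 0;
}

int main(void)
{
    uint8_t auth = 0;
    int ok = smp_check_pairing_req(REQ_NO_MITM_KBD, 7, 1, 0x04, &auth) == 0 &&
             (auth & SMP_AUTH_MITM) &&
             smp_check_pairing_req(REQ_NO_MITM_NOIO, 7, 1, 0x04, &auth) == SMP_AUTH_REQUIREMENTS;
    return ok ? 0 : 1;
}
```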


How to mitigate CVE-2026-43334

Install the security update from the vendor's repository.
