CVE-2026-23151

N/A Unknown

📋 TL;DR

A memory leak vulnerability in the Linux kernel's Bluetooth MGMT subsystem allows unfreed memory to accumulate when SSP (Secure Simple Pairing) commands complete. This affects Linux systems with Bluetooth functionality enabled, potentially leading to resource exhaustion over time. The vulnerability is present in specific kernel versions where the memory cleanup was improperly implemented.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific kernel versions between commits 302a1f674c00 and the fix commits; exact version ranges depend on distribution backports
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Bluetooth functionality enabled and when SSP pairing operations occur. The vulnerability is triggered during normal Bluetooth operations, not requiring malicious input.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or kernel panic if memory resources are depleted.

🟠 Likely Case

Gradual memory consumption over time leading to degraded system performance, particularly on systems with frequent Bluetooth pairing operations.

🟢 If Mitigated

Minimal impact with proper monitoring and memory management controls in place; system remains functional but may experience slower memory leak accumulation.

🌐 Internet-Facing: LOW - Requires local Bluetooth access and specific Bluetooth operations; not directly exploitable over internet.
🏢 Internal Only: MEDIUM - Internal attackers with Bluetooth access could trigger the memory leak, but requires proximity and Bluetooth pairing operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires ability to trigger Bluetooth SSP pairing operations repeatedly. No authentication bypass or code execution is involved - purely a resource exhaustion vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits 1850a558d116d7e3e2ef36d06a56f59b640cc214, 1b9c17fd0a7fdcbe69ec5d6fe8e50bc5ed7f01f2, or 3b6318505378828ee415d6ef678db6a74c077504 applied

Vendor Advisory: https://git.kernel.org/stable/c/1850a558d116d7e3e2ef36d06a56f59b640cc214

Restart Required: No

Instructions:

  1. Update to a patched kernel version from your Linux distribution.
  2. For custom kernels, apply the relevant fix commits from kernel.org.
  3. Rebuild and install the kernel.
  4. No system restart required for kernel live patching if supported.

🔧 Temporary Workarounds

Disable Bluetooth SSP

Linux

Disable Secure Simple Pairing functionality to prevent triggering the vulnerable code path

echo 0 > /sys/module/bluetooth/parameters/ssp_mode
hciconfig hci0 sspmode 0

Disable Bluetooth Service

systemd-based Linux

Completely disable Bluetooth functionality if not required

systemctl stop bluetooth
systemctl disable bluetooth

🧯 If You Can't Patch

  • Monitor system memory usage closely for abnormal consumption patterns
  • Implement process memory limits and restart Bluetooth services periodically to clear accumulated memory

🔍 How to Verify

Check if Vulnerable:

Check kernel version and verify if it includes the vulnerable commit range. Use: 'uname -r' and compare with distribution security advisories.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes one of the fix commits: 1850a558d116d7e3e2ef36d06a56f59b640cc214, 1b9c17fd0a7fdcbe69ec5d6fe8e50bc5ed7f01f2, or 3b6318505378828ee415d6ef678db6a74c077504
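
`uname -r` reports a release string, not commit ids, so checking for the fix commits needs a kernel git tree. The following is an added example, not part of the original advisory or of the kernel project: a POSIX shell function that tests whether a revision in a local clone of the kernel.org stable tree contains one of the three fix commits listed on this page. The function name and exit codes are this example's own, and it assumes a kernel built from that tree; distribution backports carry different commit ids and have to be checked against the vendor advisory.

```shell
#!/bin/sh
# Fix commits as listed under "Official Fix" on this page.
FIX_COMMITS="1850a558d116d7e3e2ef36d06a56f59b640cc214
1b9c17fd0a7fdcbe69ec5d6fe8e50bc5ed7f01f2
3b6318505378828ee415d6ef678db6a74c077504"

# Usage: contains_fix /path/to/linux-stable <tag-or-branch> [COMMIT...]
#
# Prints the first commit that is an ancestor of the given revision.
# Exit status (defined by this example):
#   0  a fix commit is contained in the revision
#   1  none of the commits is contained
#   2  the repository or revision could not be resolved
# With no COMMIT arguments, the three commits above are checked.
contains_fix() {
    repo=$1
    rev=$2
    shift 2
    # Default to the page's commit list (split on whitespace on purpose).
    [ $# -gt 0 ] || set -- $FIX_COMMITS

    # The revision must resolve to a commit in this clone.
    git -C "$repo" rev-parse --verify --quiet "$rev^{commit}" >/dev/null \
        || return 2

    for c in "$@"; do
        # Each stable branch carries its own backport, so a clone that
        # tracks one branch may not have the other commit objects at all.
        git -C "$repo" cat-file -e "$c^{commit}" 2>/dev/null || continue
        # Ancestor test: true only if the revision's history includes $c.
        if git -C "$repo" merge-base --is-ancestor "$c" "$rev"; then
            echo "$c"
            return 0
        fi
    done
    return 1
}
```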

📡 Detection & Monitoring

Log Indicators:

  • Kernel OOM (Out of Memory) messages in dmesg
  • Increasing memory usage by kernel processes over time
  • Bluetooth subsystem error logs related to memory allocation

Network Indicators:

  • Abnormal Bluetooth pairing frequency patterns

SIEM Query:

source="kernel" AND ("Out of memory" OR "oom" OR "memory allocation failure") AND process="bluetooth"
