{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46275/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-14T04:29:56.520Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46275","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46275","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_uart: fix UAFs and race conditions in close and init paths\n\nVulnerabilities leading to Use-After-Free (UAF) and Null Pointer\nDereference (NPD) conditions were observed in the lifecycle management\nof hci_uart.\n\nThe primary issue arises because the workqueues (init_ready and\nwrite_work) are only flushed/cancelled if the HCI_UART_PROTO_READY\nflag is set during TTY close. If a hangup occurs before setup completes,\nhc"},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:5.10:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:5.10:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 192cb0f1ca706d9a1bc36ae0ad5f666d1e4fd894, 4.15, 4.20, 5.5, 5.9, 5.10, 5.10.258, 5.15.209, 6.1.175, 6.6.142, 6.12.92, 6.18.34, 7.0.11, 7.1-rc5, 7338031946bd06f6dff149e67b60c4cd083bfea8, 78aad93e938f013d9272fe0ee168f27883afa95c, 81c7a3c22a0f2808cf4ae0b4908f59763b23606d, 9d20d48be2c4a071fb015eb09bda2cecd25daf34, c1bb9336ae6b54a5f6a353c4bd4ed9a4307e429b, c85cff648a2bc92322912db5f1727ad05afae7b6, e2d19969c8d9198ecc3090bcd5312ecd503a3339.","timestamp":"2026-06-14T04:29:56.520Z"}]}