CVE-2026-31511 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete This fixes the condition checking so mgmt_pending_valid is executed whenever status != -ECANCELED otherwise calling mgmt_pending_free(cmd) would kfree(cmd) without unlinking it from the list first, leaving a dangling pointer. Any subsequent list traversal (e.g., mgmt_pending_foreach during __mgmt_power_off, or another mgmt_pending_valid call) would dereference freed memory.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

References

Link	Providers
https://git.kernel.org/stable/c/340666172cf747de58c283d2eef1f335f050538b
https://git.kernel.org/stable/c/3a89c33deffb3cb7877a7ea2e50734cd12b064f2
https://git.kernel.org/stable/c/5f5fa4cd35f707344f65ce9e225b6528691dbbaa
https://git.kernel.org/stable/c/bafec9325d4de26b6c49db75b5d5172de652aae0

History

Wed, 22 Apr 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete This fixes the condition checking so mgmt_pending_valid is executed whenever status != -ECANCELED otherwise calling mgmt_pending_free(cmd) would kfree(cmd) without unlinking it from the list first, leaving a dangling pointer. Any subsequent list traversal (e.g., mgmt_pending_foreach during __mgmt_power_off, or another mgmt_pending_valid call) would dereference freed memory.
Title		Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/340666172cf747de58c283d2eef1f335f050538b https://git.kernel.org/stable/c/3a89c33deffb3cb7877a7ea2e50734cd12b064f2 https://git.kernel.org/stable/c/5f5fa4cd35f707344f65ce9e225b6528691dbbaa https://git.kernel.org/stable/c/bafec9325d4de26b6c49db75b5d5172de652aae0

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-04-22T13:54:29.420Z

Updated: 2026-04-22T13:54:29.420Z

Reserved: 2026-03-09T15:48:24.106Z

Link: CVE-2026-31511

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-22T14:16:50.343

Modified: 2026-04-22T14:16:50.343

Link: CVE-2026-31511

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T18:15:15Z

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object