PatchSiren cyber security CVE debrief
CVE-2026-53364 Linux CVE debrief
A memory leak vulnerability was found in the Linux kernel's Bluetooth hci_conn component. The hci_le_big_terminate() function allocates memory via kzalloc_obj but fails to free it under certain conditions, leading to a potential memory leak. This vulnerability affects the Linux kernel and could potentially be used by attackers to exploit the Bluetooth component. The vulnerability has been resolved, but Linux kernel developers and maintainers should review and update the code to ensure proper memory management.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-13
- Original CVE updated
- 2026-07-13
- Advisory published
- 2026-07-13
- Advisory updated
- 2026-07-13
Who should care
Linux kernel developers and maintainers, Bluetooth protocol experts, and organizations using Linux-based systems with Bluetooth capabilities should be aware of this vulnerability. They should review and update the Linux kernel Bluetooth hci_conn component code to ensure proper memory management and verify and validate memory allocation and deallocation in the hci_le_big_terminate() function.
Technical summary
The hci_le_big_terminate() function in the Linux kernel's Bluetooth hci_conn component allocates memory using kzalloc_obj but does not free it when neither pa_sync_term nor big_sync_term flags are set after evaluating the PA and BIG sync connection state. This early-return path was introduced during refactoring of hci_le_big_terminate() to take struct hci_conn instead of raw u8 parameters, adding PA/BIG flag evaluation logic. The existing kfree() on hci_cmd_sync_queue failure does not cover this path. The vulnerability has been resolved, but the specific details of the vulnerability and its impact are not publicly available.
Defensive priority
Medium
Recommended defensive actions
- Review and update Linux kernel Bluetooth hci_conn component code to ensure proper memory management
- Verify and validate memory allocation and deallocation in hci_le_big_terminate() function
- Consider implementing additional monitoring and logging to detect potential memory leaks
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
Evidence notes
The CVE record was published on 2026-07-13T18:16:28.297Z and has not been modified since then. The NVD entry is currently Received. There is limited information available about the vulnerability, and defenders should verify the affected scope and severity with the official CVE record. The Linux kernel's Bluetooth hci_conn component is affected, and the vulnerability has been resolved. However, the specific details of the vulnerability and its impact are not publicly available, and further verification is necessary.
Official resources
-
CVE-2026-53364 CVE record
CVE.org
-
CVE-2026-53364 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
-
Source reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-13T18:16:28.297Z and has not been modified since then.