CVE-2026-31408 | Linux Kernel up to 7.0-rc5 Bluetooth sco_recv_frame use after free (EUVD-2026-19196 / Nessus ID 305060)
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.6.130/6.12.79/6.18.20/6.19.10/7.0-rc5. This impacts the function sco_recv_frame of the component Bluetooth. Such manipulation leads to use after free.
This vulnerability is documented as CVE-2026-31408. The attack requires being on the local network. There is not any exploit available.
It is advisable to upgrade the affected component.