VYPR
Medium severity5.5NVD Advisory· Published May 5, 2026· Updated May 29, 2026

CVE-2026-43069

CVE-2026-43069

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: hci_ll: Fix firmware leak on error path

Smatch reports:

drivers/bluetooth/hci_ll.c:587 download_firmware() warn: 'fw' from request_firmware() not released on lines: 544.

In download_firmware(), if request_firmware() succeeds but the returned firmware content is invalid (no data or zero size), the function returns without releasing the firmware, resulting in a resource leak.

Fix this by calling release_firmware() before returning when request_firmware() succeeded but the firmware content is invalid.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.