A vulnerability identified as problematic has been detected in zephyrproject zephyr up to 4.4.x. Affected is the function rfcomm_handle_disc of the file subsys/bluetooth/host/classic/rfcomm.c of the component RFCOMM Service. Performing a manipulation results in race condition.

This vulnerability is identified as CVE-2026-10654. The attack can only be performed from the local network. There is not any exploit available.

You should upgrade the affected component.