5.5

CVE-2025-21936

Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()

Add check for the return value of mgmt_alloc_skb() in
mgmt_device_connected() to prevent null pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.17 < 6.1.131
LinuxLinux Kernel Version >= 6.2 < 6.6.83
LinuxLinux Kernel Version >= 6.7 < 6.12.19
LinuxLinux Kernel Version >= 6.13 < 6.13.7
LinuxLinux Kernel Version6.14 Updaterc1
LinuxLinux Kernel Version6.14 Updaterc2
LinuxLinux Kernel Version6.14 Updaterc3
LinuxLinux Kernel Version6.14 Updaterc4
LinuxLinux Kernel Version6.14 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.087
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/7841180342c9a0fd97d54f3e62c7369309b5cd84
Patch
https://git.kernel.org/stable/c/7d39387886ffe220323cbed5c155233c3276926b
Patch
https://git.kernel.org/stable/c/bdb1805c248e9694dbb3ffa8867cef2e52cf7261
Patch
https://git.kernel.org/stable/c/d8df010f72b8a32aaea393e36121738bb53ed905
Patch
https://git.kernel.org/stable/c/dc516e66fb28c61b248b393e2ddd63bd7f104969
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html