5.5

CVE-2025-21937

Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()

Add check for the return value of mgmt_alloc_skb() in
mgmt_remote_name() to prevent null pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.17.2 < 6.1.131
LinuxLinux Kernel Version >= 6.2 < 6.6.83
LinuxLinux Kernel Version >= 6.7 < 6.12.19
LinuxLinux Kernel Version >= 6.13 < 6.13.7
LinuxLinux Kernel Version6.14 Updaterc1
LinuxLinux Kernel Version6.14 Updaterc2
LinuxLinux Kernel Version6.14 Updaterc3
LinuxLinux Kernel Version6.14 Updaterc4
LinuxLinux Kernel Version6.14 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.089
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/37785a01040cb5d11ed0ddbcbf78491fcd073161
Patch
https://git.kernel.org/stable/c/69fb168b88e4d62cb31cdd725b67ccc5216cfcaf
Patch
https://git.kernel.org/stable/c/88310caff68ae69d0574859f7926a59c1da2d60b
Patch
https://git.kernel.org/stable/c/c5845c73cbacf5704169283ef29ca02031a36564
Patch
https://git.kernel.org/stable/c/f2176a07e7b19f73e05c805cf3d130a2999154cb
Patch
https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html