CVE-2025-38304

Опубликовано: 10 июл. 2025

Источник: redhat

CVSS3: 5.5

Описание

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eir_get_service_data The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIR_SERVICE_DATA.

A flaw was found in the Linux kernel's Bluetooth subsystem. A local user could trigger a NULL pointer dereference in the eir_get_service_data function. This occurs because the len parameter, which is optional, can be NULL, but the function attempts to use it. Successful exploitation of this vulnerability could lead to a system crash, resulting in a Denial of Service (DoS).

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Fix deferred
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Fix deferred
Red Hat Enterprise Linux 9	kernel-rt	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2379179kernel: Linux kernel (Bluetooth): Denial of Service due to NULL pointer dereference

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2025-38304

CVSS3: 5.5

ubuntu

9 месяцев назад

CVE-2025-38304

CVSS3: 5.5

nvd

9 месяцев назад

CVE-2025-38304

CVSS3: 5.5

msrc

8 месяцев назад

Bluetooth: Fix NULL pointer deference on eir_get_service_data

CVE-2025-38304

CVSS3: 5.5

debian

9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: B ...

GHSA-jm43-6rg5-9g9c

CVSS3: 5.5

github

9 месяцев назад

5.5 Medium

CVSS3