CVE-2025-38303
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-10
Last updated on: 2026-04-11
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: eir: Fix possible crashes on eir_create_adv_data
eir_create_adv_data may attempt to add EIR_FLAGS and EIR_TX_POWER
without checking if that would fit.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.16 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's Bluetooth component involves the eir_create_adv_data function, which may try to add EIR_FLAGS and EIR_TX_POWER data without verifying if there is enough space to fit them. This can lead to possible crashes.
How can this vulnerability impact me? :
The vulnerability can cause crashes in the Bluetooth functionality of the Linux kernel, potentially leading to denial of service or instability in systems using affected Bluetooth features.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70