CVE-2025-38304
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: Fix NULL pointer deference on eir_get_service_data
The len parameter is considered optional so it can be NULL so it cannot
be used for skipping to next entry of EIR_SERVICE_DATA.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a NULL pointer dereference in the Linux kernel's Bluetooth component related to the function eir_get_service_data. The issue arises because the 'len' parameter is considered optional and can be NULL, but the code incorrectly uses it to skip to the next entry of EIR_SERVICE_DATA, leading to a potential crash or undefined behavior.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to crash or behave unpredictably when processing Bluetooth service data, potentially leading to denial of service or system instability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70