CVE-2025-38315
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-11-18
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.11 |
| linux | linux_kernel | 6.11 |
| linux | linux_kernel | 6.11 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-674 | The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack buffer overflow in the Linux kernel's Bluetooth component (btintel). It occurs because the code did not properly check the size of an EFI variable before copying it into a fixed-size structure (btintel_dsbr). If the EFI variable is larger than the structure, it can overflow the stack buffer, potentially leading to memory corruption or other unintended behavior. The fix involves verifying the size of the EFI variable against the expected structure size and failing if they do not match.
How can this vulnerability impact me? :
This stack buffer overflow vulnerability could allow an attacker to cause memory corruption in the Linux kernel's Bluetooth subsystem. This might lead to system crashes, denial of service, or potentially allow execution of arbitrary code with kernel privileges, depending on the exploitation scenario.