CVE-2025-21936

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()

Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer dereference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe96741437ef0a5d18144e790ac894397efda0924 < dc516e66fb28c61b248b393e2ddd63bd7f104969affected
LinuxLinuxe96741437ef0a5d18144e790ac894397efda0924 < bdb1805c248e9694dbb3ffa8867cef2e52cf7261affected
LinuxLinuxe96741437ef0a5d18144e790ac894397efda0924 < 7841180342c9a0fd97d54f3e62c7369309b5cd84affected
LinuxLinuxe96741437ef0a5d18144e790ac894397efda0924 < 7d39387886ffe220323cbed5c155233c3276926baffected
LinuxLinuxe96741437ef0a5d18144e790ac894397efda0924 < d8df010f72b8a32aaea393e36121738bb53ed905affected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux6.1.131 <= 6.1.*unaffected
LinuxLinux6.6.83 <= 6.6.*unaffected
LinuxLinux6.12.19 <= 6.12.*unaffected
LinuxLinux6.13.7 <= 6.13.*unaffected
LinuxLinux6.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References