CVE-2025-38303

Summary

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: eir: Fix possible crashes on eir_create_adv_data

eir_create_adv_data may attempt to add EIR_FLAGS and EIR_TX_POWER without checking if that would fit.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux01ce70b0a274bd76a5a311fb90d4d446d9bdfea1 < 2d4588f55cc10fc228f3b46469dbfb3f0a8b13c8affected
LinuxLinux01ce70b0a274bd76a5a311fb90d4d446d9bdfea1 < 2af40d795d3fb0ee5c074b7ac56ab22402aa6e4faffected
LinuxLinux01ce70b0a274bd76a5a311fb90d4d446d9bdfea1 < b9db0c27e73b7c8a19384a44af527edfda74ff3daffected
LinuxLinux01ce70b0a274bd76a5a311fb90d4d446d9bdfea1 < 47c03902269aff377f959dc3fd94a9733aa31d6eaffected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.168 <= 6.1.*unaffected
LinuxLinux6.12.34 <= 6.12.*unaffected
LinuxLinux6.15.3 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References