CVE Alert

CVE-2025-38128

UNKNOWN 0.0

Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands

In 'mgmt_hci_cmd_sync()', check whether the size of parameters passed in 'struct mgmt_cp_hci_cmd_sync' matches the total size of the data (i.e. 'sizeof(struct mgmt_cp_hci_cmd_sync)' plus trailing bytes). Otherwise, large invalid 'params_len' will cause 'hci_cmd_sync_alloc()' to do 'skb_put_data()' from an area beyond the one actually passed to 'mgmt_hci_cmd_sync()'.
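The length check described above, modeled in user-space C as an added example (not the kernel patch and not code from this page). The struct layout, parse_cmd_sync() and the REQ_* codes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Userspace model of the request; field order is assumed to mirror
 * 'struct mgmt_cp_hci_cmd_sync'. 16-bit fields are little-endian byte pairs. */
struct cmd_sync_req {
    uint8_t opcode[2];
    uint8_t event;
    uint8_t timeout;
    uint8_t params_len[2];  /* declared by the sender, untrusted */
    uint8_t params[];       /* trailing bytes */
};

#define REQ_OK       0
#define REQ_INVALID (-1)

/* Hypothetical helper: 'len' is the number of bytes actually received.
 * Copies params to 'out' only when header + params_len equals 'len'. */
int parse_cmd_sync(const uint8_t *buf, size_t len,
                   uint8_t *out, size_t out_cap, size_t *out_len)
{
    const struct cmd_sync_req *req = (const struct cmd_sync_req *)buf;
    size_t hdr = offsetof(struct cmd_sync_req, params);
    size_t plen;

    if (len < hdr)              /* header itself is truncated */
        return REQ_INVALID;
    plen = (size_t)req->params_len[0] | ((size_t)req->params_len[1] << 8);
    if (len != hdr + plen)      /* declared size disagrees with data */
        return REQ_INVALID;
    if (plen > out_cap)
        return REQ_INVALID;
    memcpy(out, req->params, plen);
    *out_len = plen;
    return REQ_OK;
}

int main(void)
{
    /* Constructed sample: header declares 0x0200 param bytes, only 2 follow. */
    const uint8_t bad[] = { 0x03, 0x0c, 0x0e, 0x05, 0x00, 0x02, 0xaa, 0xbb };
    uint8_t out[16];
    size_t n = 0;

    return parse_cmd_sync(bad, sizeof bad, out, sizeof out, &n) == REQ_INVALID ? 0 : 1;
}
```

Without the equality test, the copy would read 'params_len' bytes starting at 'params' regardless of how many bytes the caller actually supplied.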

Vendor: linux
Product: linux
Ecosystems
Industries
Technology
Published: Jul 3, 2025
Last Updated: May 11, 2026

Affected Versions

Linux / Linux
827af4787e74e8df9e8e0677a69fbb15e0856d2f < 9eeafd16d76a7642d12b3442a26c15cd345e12f7
827af4787e74e8df9e8e0677a69fbb15e0856d2f < 03f1700b9b4d4f2fed3165370f3c23db76553178
Linux / Linux
6.13

References

git.kernel.org: https://git.kernel.org/stable/c/9eeafd16d76a7642d12b3442a26c15cd345e12f7
git.kernel.org: https://git.kernel.org/stable/c/03f1700b9b4d4f2fed3165370f3c23db76553178