github - ghsa-jm43-6rg5-9g9c

ghsa-jm43-6rg5-9g9c

Vulnerability from github

Published

2025-07-10 09:32

Modified

2025-07-10 09:32

Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Fix NULL pointer deference on eir_get_service_data

The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIR_SERVICE_DATA.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-38304"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-10T08:15:29Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix NULL pointer deference on eir_get_service_data\n\nThe len parameter is considered optional so it can be NULL so it cannot\nbe used for skipping to next entry of EIR_SERVICE_DATA.",
  "id": "GHSA-jm43-6rg5-9g9c",
  "modified": "2025-07-10T09:32:30Z",
  "published": "2025-07-10T09:32:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38304"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/20a2aa01f5aeb6daad9aeaa7c33dd512c58d81eb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/497c9d2d7d3983826bb02c10fb4a5818be6550fb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4bf29910570666e668a60d953f8da78e95bb7fa2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7d99cc0f8e6fa0f35570887899f178122a61d44e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/842f7c3154d5b25ca11753c02ee8cf6ee64c0142"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2025-38304 (GCVE-0-2025-38304)

Vulnerability from cvelistv5

Published

2025-07-10 07:42

Modified

2025-07-28 04:18

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix NULL pointer deference on eir_get_service_data The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIR_SERVICE_DATA.

References

►

URL

Tags

	https://git.kernel.org/stable/c/497c9d2d7d3983826bb02c10fb4a5818be6550fb
	https://git.kernel.org/stable/c/4bf29910570666e668a60d953f8da78e95bb7fa2
	https://git.kernel.org/stable/c/842f7c3154d5b25ca11753c02ee8cf6ee64c0142
	https://git.kernel.org/stable/c/7d99cc0f8e6fa0f35570887899f178122a61d44e
	https://git.kernel.org/stable/c/20a2aa01f5aeb6daad9aeaa7c33dd512c58d81eb

Impacted products

Vendor

Product

Version

►

Version: 8f9ae5b3ae80f168a6224529e3787f4fb27f299a
Version: 8f9ae5b3ae80f168a6224529e3787f4fb27f299a
Version: 8f9ae5b3ae80f168a6224529e3787f4fb27f299a
Version: 8f9ae5b3ae80f168a6224529e3787f4fb27f299a
Version: 8f9ae5b3ae80f168a6224529e3787f4fb27f299a

Version: 5.19

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/bluetooth/eir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "497c9d2d7d3983826bb02c10fb4a5818be6550fb",
              "status": "affected",
              "version": "8f9ae5b3ae80f168a6224529e3787f4fb27f299a",
              "versionType": "git"
            },
            {
              "lessThan": "4bf29910570666e668a60d953f8da78e95bb7fa2",
              "status": "affected",
              "version": "8f9ae5b3ae80f168a6224529e3787f4fb27f299a",
              "versionType": "git"
            },
            {
              "lessThan": "842f7c3154d5b25ca11753c02ee8cf6ee64c0142",
              "status": "affected",
              "version": "8f9ae5b3ae80f168a6224529e3787f4fb27f299a",
              "versionType": "git"
            },
            {
              "lessThan": "7d99cc0f8e6fa0f35570887899f178122a61d44e",
              "status": "affected",
              "version": "8f9ae5b3ae80f168a6224529e3787f4fb27f299a",
              "versionType": "git"
            },
            {
              "lessThan": "20a2aa01f5aeb6daad9aeaa7c33dd512c58d81eb",
              "status": "affected",
              "version": "8f9ae5b3ae80f168a6224529e3787f4fb27f299a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/bluetooth/eir.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.19"
            },
            {
              "lessThan": "5.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.142",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.94",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.34",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.142",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.94",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.34",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.3",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "5.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix NULL pointer deference on eir_get_service_data\n\nThe len parameter is considered optional so it can be NULL so it cannot\nbe used for skipping to next entry of EIR_SERVICE_DATA."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T04:18:05.605Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/497c9d2d7d3983826bb02c10fb4a5818be6550fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/4bf29910570666e668a60d953f8da78e95bb7fa2"
        },
        {
          "url": "https://git.kernel.org/stable/c/842f7c3154d5b25ca11753c02ee8cf6ee64c0142"
        },
        {
          "url": "https://git.kernel.org/stable/c/7d99cc0f8e6fa0f35570887899f178122a61d44e"
        },
        {
          "url": "https://git.kernel.org/stable/c/20a2aa01f5aeb6daad9aeaa7c33dd512c58d81eb"
        }
      ],
      "title": "Bluetooth: Fix NULL pointer deference on eir_get_service_data",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38304",
    "datePublished": "2025-07-10T07:42:15.466Z",
    "dateReserved": "2025-04-16T04:51:24.002Z",
    "dateUpdated": "2025-07-28T04:18:05.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.