PT-2025-29024 · Linux+6 · Linux Kernel+6

Anubis

·

Published

2025-06-05

·

Updated

2026-05-22

·

CVE-2025-38304

CVSS v2.0

6.0

Medium

VectorAV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A NULL pointer dereference issue was resolved in the Bluetooth stack within the Linux kernel, specifically in the eir get service data function. The len parameter within this function is optional and can be NULL, leading to a potential issue when attempting to iterate through EIR SERVICE DATA entries.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Weakness Enumeration

CWE-476

Related Identifiers

AZL-64949
BDU:2025-08927
CVE-2025-38304
DLA-4328-1
DSA-5973-1
ECHO-B954-CF84-CB1A
MGASA-2025-0218
MGASA-2025-0219
OESA-2026-2417
OESA-2026-2418
OPENSUSE-SU-2025:20081-1
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:02996-1
SUSE-SU-2025:02997-1
SUSE-SU-2025:03011-1
SUSE-SU-2025:03023-1
SUSE-SU-2025:20577-1
SUSE-SU-2025:20586-1
SUSE-SU-2025:20601-1
SUSE-SU-2025:20602-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025_02853-1
SUSE-SU-2025_02969-1
SUSE-SU-2025_02996-1
SUSE-SU-2025_02997-1
SUSE-SU-2025_03011-1
SUSE-SU-2025_03023-1
USN-7769-1
USN-7769-2
USN-7769-3
USN-7770-1
USN-7771-1
USN-7789-1
USN-7789-2
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu