CVE-2025-39889

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the Bluetooth L2CAP implementation related to the handling of encryption key sizes during incoming connections. The problem arises when the security key size is less than the expected 16 bytes for Security Mode 4 Level 4, potentially leading to a successful connection when it should be refused. This issue was identified during testing to meet GAP/SEC/SEM/BI-04-C PTS test case requirements. The logs indicate that a connection response with a successful result is received when a refused connection is expected. The issue involves the handling of L2CAP connection requests and responses, specifically concerning the Source CID and Destination CID parameters. HCI logs show the reading of encryption key size and the subsequent handling of ACL data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.