CVE-2025-40213

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the Bluetooth implementation related to mesh synchronization and completion. Specifically, a stack-out-of-bounds issue exists in the set mesh sync function due to a memcpy operation exceeding the bounds of a flexible array. Additionally, a crash can occur in the set mesh complete function due to a double list deletion via mgmt pending valid and mgmt pending remove. The issue in set mesh sync is addressed by correctly declaring the flexible array using DEFINE FLEX and ensuring the memcpy operation remains within bounds. The crash in set mesh complete is resolved by using mgmt pending free to remove the command from the list and reporting status on error.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.