PT-2025-49383 · Linux+4 · Linux Kernel+4

Published 2025-12-06 · Updated 2026-05-26 · CVE-2025-40282

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A flaw exists in the Bluetooth 6lowpan implementation in the Linux kernel. The code does not properly handle the link-local header when receiving IPv6 packets, which can lead to system crashes. The issue is in net/bluetooth/6lowpan.c: the netdev structure has header operations, so a link-local header must be set for received skb packets. The uncompressed IPv6 receive path is missing a call to skb_reset_mac_header(), and this causes the crash. In the compressed path, this is already handled by lowpan_header_decompress(). The issue was observed during testing with the BlueZ 6lowpan-tester. The vulnerable code is located in the chan_recv_cb function.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.


Related Identifiers

CVE-2025-40282
DLA-4404-1
ECHO-90C2-0926-9137
MGASA-2026-0017
MGASA-2026-0018
OPENSUSE-SU-2026:20145-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:20207-1
SUSE-SU-2026:20220-1
SUSE-SU-2026:20228-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8100-1
USN-8116-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Bluez 6Lowpan-Tester
Debian
Linuxmint
Linux Kernel
Ubuntu