CVE-2025-22007

MEDIUM EPSS 7.6%
Published Apr 3, 2025 1y ago · Modified Jun 17, 2026 2w ago
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Fix error code in chan_alloc_skb_cb()

The chan_alloc_skb_cb() function is supposed to return error pointers on error. Returning NULL will lead to a NULL dereference.
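
The return-value contract the description refers to, as an added userspace C model (not kernel source and not taken from the patch): ERR_PTR, IS_ERR and PTR_ERR are simplified re-implementations of the kernel helpers, and struct buf, alloc_cb_buggy, alloc_cb_fixed and caller are hypothetical names. It shows that NULL is not an error pointer, so a caller that only tests IS_ERR() goes on to use it.

```c
/* Userspace model of the kernel error-pointer convention (assumed, simplified). */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)(intptr_t)err; }
static long PTR_ERR(const void *p) { return (long)(intptr_t)p; }
/* Only the top MAX_ERRNO addresses count as errors; NULL (0) does not. */
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct buf { size_t len; };  /* hypothetical stand-in for the allocated buffer */

/* Before the fix: allocation failure is reported as NULL. */
static struct buf *alloc_cb_buggy(int fail)
{
    return fail ? NULL : calloc(1, sizeof(struct buf));
}

/* After the fix: allocation failure is reported as an error pointer. */
static struct buf *alloc_cb_fixed(int fail)
{
    struct buf *b = fail ? NULL : calloc(1, sizeof(*b));
    return b ? b : ERR_PTR(-ENOMEM);
}

/* Caller that trusts the contract and only tests IS_ERR() before use.
 * Returns 0 on success, a negative errno when the error is caught, and
 * 1 when NULL slipped past the check (the point of the NULL dereference). */
static int caller(struct buf *(*alloc)(int), int fail)
{
    struct buf *b = alloc(fail);
    if (IS_ERR(b))
        return (int)PTR_ERR(b);
    if (b == NULL)  /* model only: a real caller would dereference here */
        return 1;
    b->len = 0;
    free(b);
    return 0;
}

int main(void)
{
    printf("buggy callback, alloc fails: %d\n", caller(alloc_cb_buggy, 1));
    printf("fixed callback, alloc fails: %d\n", caller(alloc_cb_fixed, 1));
    printf("fixed callback, alloc works: %d\n", caller(alloc_cb_fixed, 0));
    return 0;
}
```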

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
7.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 11

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥3.17 – <6.1.132
linux   linux_kernel  *        ≥6.2 – <6.6.85
linux   linux_kernel  *        ≥6.7 – <6.12.21
linux   linux_kernel  *        ≥6.13 – <6.13.9
linux   linux_kernel  6.14     any
linux   linux_kernel  6.14     any
linux   linux_kernel  6.14     any
linux   linux_kernel  6.14     any
linux   linux_kernel  6.14     any
linux   linux_kernel  6.14     any
linux   linux_kernel  6.14     any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/1bd68db7beb426ab5a45d81516ed9611284affc8
  • git.kernel.org https://git.kernel.org/stable/c/72d061ee630d0dbb45c2920d8d19b3861c413e54
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/761b7c36addd22c7e6ceb05caaadc3b062d99faa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/76304cba8cba12bb10d89d016c28403a2dd89a29
  • git.kernel.org https://git.kernel.org/stable/c/788ae2ae4cf484e248b5bc29211c7ac6510e3e92
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a78692ec0d1e17a96b09f2349a028878f5b305e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b3d607e36fef4bd05fb938a8a868ff70e9fedbe2
  • git.kernel.org https://git.kernel.org/stable/c/ecd06ad0823a90b4420c377ef8917e44e23ee841
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/72d061ee630d0dbb45c2920d8d19b3861c413e54
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/761b7c36addd22c7e6ceb05caaadc3b062d99faa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/788ae2ae4cf484e248b5bc29211c7ac6510e3e92
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a78692ec0d1e17a96b09f2349a028878f5b305e4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ecd06ad0823a90b4420c377ef8917e44e23ee841
    Patch