CVE-2025-37792

Severity: Medium (CVSS 3.1 base score 5.5) · EPSS 5.3%
Published May 1, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: btrtl: Prevent potential NULL dereference

The btrtl_initialize() function checks that rtl_load_file() either had an error or it loaded a zero length file. However, if it loaded a zero length file then the error code is not set correctly. It results in an error pointer vs NULL bug, followed by a NULL pointer dereference. This was detected by Smatch:

    drivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to 'ERR_PTR'
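The error pointer vs NULL pattern described above, as an added userspace example (not the kernel's code and not the upstream patch). The ERR_PTR/IS_ERR/PTR_ERR helpers are modelled on include/linux/err.h; struct fw_info, init_buggy(), init_fixed(), caller_derefs_null() and the choice of -EINVAL as the replacement error code are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model of the kernel's error-pointer helpers. */
#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)err; }
static long PTR_ERR(const void *p) { return (long)p; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct fw_info { int fw_len; };   /* hypothetical stand-in for driver state */
static struct fw_info loaded;

/* Buggy pattern: "len" models the loader result (length or negative errno).
 * A zero-length file takes the error path with ret == 0. */
static struct fw_info *init_buggy(int len)
{
	int ret = len;
	if (ret <= 0)
		return ERR_PTR(ret);   /* ERR_PTR(0) is NULL, not an error pointer */
	loaded.fw_len = ret;
	return &loaded;
}

/* Corrected pattern: force a real errno when the length is zero.
 * -EINVAL is an assumed choice for this example. */
static struct fw_info *init_fixed(int len)
{
	int ret = len;
	if (ret <= 0)
		return ERR_PTR(ret ? ret : -EINVAL);
	loaded.fw_len = ret;
	return &loaded;
}

/* A caller that only tests IS_ERR(): returns 1 when it would go on to
 * dereference a NULL pointer, 0 when the result is an error or valid. */
static int caller_derefs_null(const struct fw_info *p)
{
	if (IS_ERR(p))
		return 0;
	return p == NULL;
}

int main(void)
{
	printf("buggy, empty file: deref NULL = %d\n", caller_derefs_null(init_buggy(0)));
	printf("fixed, empty file: deref NULL = %d\n", caller_derefs_null(init_fixed(0)));
	return 0;
}
```

Smatch's "passing zero to 'ERR_PTR'" warning flags exactly the first return in init_buggy(); auditing other call sites for the same warning finds siblings of this bug.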

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
5.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 10

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥4.19 – <5.4.293
linux    linux_kernel   *         ≥5.5 – <5.10.237
linux    linux_kernel   *         ≥5.11 – <5.15.181
linux    linux_kernel   *         ≥5.16 – <6.1.135
linux    linux_kernel   *         ≥6.2 – <6.6.88
linux    linux_kernel   *         ≥6.7 – <6.12.25
linux    linux_kernel   *         ≥6.13 – <6.14.4
linux    linux_kernel   6.15      any
linux    linux_kernel   6.15      any
debian   debian_linux   11.0      any

References 10

  • git.kernel.org https://git.kernel.org/stable/c/2d7c60c2a38b4b461fa960ad0995136a6bfe0756
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/324dddea321078a6eeb535c2bff5257be74c9799
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3db6605043b50c8bb768547b23e0222f67ceef3e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/53ceef799dcfc22c734d600811bfc9dd32eaea0a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73dc99c0ea94abd22379b2d82cacbc73f3e18ec1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aaf356f872a60db1e96fb762a62c4607fd22741f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c3e9717276affe59fd8213706db021b493e81e34
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d8441818690d795232331bd8358545c5c95b6b72
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
    Mailing List
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html
    Mailing List

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2d7c60c2a38b4b461fa960ad0995136a6bfe0756
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/324dddea321078a6eeb535c2bff5257be74c9799
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3db6605043b50c8bb768547b23e0222f67ceef3e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/53ceef799dcfc22c734d600811bfc9dd32eaea0a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/73dc99c0ea94abd22379b2d82cacbc73f3e18ec1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/aaf356f872a60db1e96fb762a62c4607fd22741f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c3e9717276affe59fd8213706db021b493e81e34
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d8441818690d795232331bd8358545c5c95b6b72
    Patch