CVE-2025-38128
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38128
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38128.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38128
- Downstream
- Published
- 2025-07-03T08:35:33.089Z
- Modified
- 2025-11-28T02:34:58.064710Z
- Summary
- Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: reject malformed HCICMDSYNC commands
In 'mgmthcicmdsync()', check whether the size of parameters passed in 'struct mgmtcphcicmdsync' matches the total size of the data (i.e. 'sizeof(struct mgmtcphcicmdsync)' plus trailing bytes). Otherwise, large invalid 'paramslen' will cause 'hcicmdsyncalloc()' to do 'skbputdata()' from an area beyond the one actually passed to 'mgmthcicmdsync()'.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38128.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/03f1700b9b4d4f2fed3165370f3c23db76553178
- https://git.kernel.org/stable/c/9eeafd16d76a7642d12b3442a26c15cd345e12f7
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38128.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38128