CVE-2025-21936

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-21936
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21936.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21936
Downstream
Related
Published
2025-04-01T15:41:03.845Z
Modified
2026-03-11T07:55:02.090446Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()
Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Add check for mgmtallocskb() in mgmtdeviceconnected()

Add check for the return value of mgmtallocskb() in mgmtdeviceconnected() to prevent null pointer dereference.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21936.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e96741437ef0a5d18144e790ac894397efda0924
Fixed
dc516e66fb28c61b248b393e2ddd63bd7f104969
Fixed
bdb1805c248e9694dbb3ffa8867cef2e52cf7261
Fixed
7841180342c9a0fd97d54f3e62c7369309b5cd84
Fixed
7d39387886ffe220323cbed5c155233c3276926b
Fixed
d8df010f72b8a32aaea393e36121738bb53ed905

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21936.json"