CVE-2025-21936

Source
https://cve.org/CVERecord?id=CVE-2025-21936
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21936.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-21936
Published
2025-04-01T15:41:03.845Z
Modified
2026-05-18T05:57:24.393185620Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()
Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()

Add check for the return value of mgmt_alloc_skb() in mgmt_device_connected() to prevent null pointer dereference.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/21xxx/CVE-2025-21936.json",
    "cna_assigner": "Linux"
}

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e96741437ef0a5d18144e790ac894397efda0924
Fixed
dc516e66fb28c61b248b393e2ddd63bd7f104969
Fixed
bdb1805c248e9694dbb3ffa8867cef2e52cf7261
Fixed
7841180342c9a0fd97d54f3e62c7369309b5cd84
Fixed
7d39387886ffe220323cbed5c155233c3276926b
Fixed
d8df010f72b8a32aaea393e36121738bb53ed905

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21936.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.17.0
Fixed
6.1.131
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.83
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.19
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.7

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-21936.json"