Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A vulnerability in the Linux kernel's Bluetooth implementation has been addressed. The issue arose because the device name and short name were not guaranteed to be null-terminated, leading to potential string handling errors. The vulnerability has been fixed by replacing the use of 'strlen' with 'strnlen' to safely determine the length of these strings, followed by a check to see if the strings needed to be truncated.
The vulnerability could have led to improper handling of Bluetooth device names, potentially causing memory corruption or other unintended behavior in Bluetooth communication.
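The fix described above, sketched in user-space C as an added example (this is not the kernel patch itself). The field size, the function names and the sample name are assumptions constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L  /* for strnlen() */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_FIELD_SIZE 8  /* assumed size of the fixed-size name field */

/* Unsafe form: strlen() reads until it finds a NUL byte, so a field that
 * is filled to capacity makes it read past the end of the array. */
size_t name_len_unsafe(const char *field)
{
    return strlen(field);
}

/* Hardened form: strnlen() never inspects more than field_size bytes. */
size_t name_len_bounded(const char *field, size_t field_size)
{
    return strnlen(field, field_size);
}

/* Copy the name into out (capacity out_cap), truncating when needed.
 * Returns the bytes copied; *truncated is set when the name did not fit. */
size_t copy_name(uint8_t *out, size_t out_cap, const char *field,
                 size_t field_size, int *truncated)
{
    size_t len = name_len_bounded(field, field_size);

    *truncated = len > out_cap;
    if (*truncated)
        len = out_cap;
    memcpy(out, field, len);
    return len;
}

/* Constructed sample: all 8 bytes are used, so there is no NUL byte. */
size_t demo_full_field(int *truncated)
{
    char field[NAME_FIELD_SIZE] = { 'H', 'e', 'a', 'd', 's', 'e', 't', '1' };
    uint8_t out[5];

    return copy_name(out, sizeof(out), field, sizeof(field), truncated);
}
```

The length is bounded first and the truncation check is applied to that bounded value, which is the order the description gives for the fix.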